US20200234287A1 - Method and system for utilizing authorization factor pools - Google Patents
Method and system for utilizing authorization factor pools Download PDFInfo
- Publication number
- US20200234287A1 US20200234287A1 US16/693,035 US201916693035A US2020234287A1 US 20200234287 A1 US20200234287 A1 US 20200234287A1 US 201916693035 A US201916693035 A US 201916693035A US 2020234287 A1 US2020234287 A1 US 2020234287A1
- Authority
- US
- United States
- Prior art keywords
- token
- merchant
- chd
- access
- party
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 194
- 238000013475 authorization Methods 0.000 title claims description 224
- 230000003278 mimic effect Effects 0.000 claims 1
- 230000008569 process Effects 0.000 abstract description 165
- 230000004044 response Effects 0.000 description 39
- 230000008520 organization Effects 0.000 description 30
- 238000010586 diagram Methods 0.000 description 26
- 238000012545 processing Methods 0.000 description 11
- 238000012360 testing method Methods 0.000 description 8
- 230000007246 mechanism Effects 0.000 description 7
- 230000008901 benefit Effects 0.000 description 6
- 230000006870 function Effects 0.000 description 5
- 230000002452 interceptive effect Effects 0.000 description 5
- 230000000977 initiatory effect Effects 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 239000000284 extract Substances 0.000 description 3
- 239000011159 matrix material Substances 0.000 description 3
- 241001465754 Metazoa Species 0.000 description 2
- 239000003086 colorant Substances 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 101150010802 CVC2 gene Proteins 0.000 description 1
- 241000282412 Homo Species 0.000 description 1
- 235000009754 Vitis X bourquina Nutrition 0.000 description 1
- 235000012333 Vitis X labruscana Nutrition 0.000 description 1
- 240000006365 Vitis vinifera Species 0.000 description 1
- 235000014787 Vitis vinifera Nutrition 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 239000004570 mortar (masonry) Substances 0.000 description 1
- 229920001690 polydopamine Polymers 0.000 description 1
- 239000011435 rock Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/22—Payment schemes or models
- G06Q20/24—Credit schemes, i.e. "pay after"
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
Definitions
- Tokenization is a process used in credit, debit, and gift card processing systems to avoid storing cardholder data (CHD) such as credit and debit card numbers, pin numbers, expiration dates, card security codes, and the like at a merchant's location.
- CHD cardholder data
- POS point-of-sale
- the gateway system requests authorization from a credit card processor, which obtains authorization from a bank that issued the card.
- the gateway system receives the authorization from the credit card processor and provides a token to the merchant for storage along with the authorization.
- the token can be a globally unique, randomized, alphanumeric replacement for the CHD.
- the merchant's POS system stores the token instead of storing the CHD. If the merchant needs to reauthorize a customer (for example, to add a tip at a restaurant), the merchant sends the token to the gateway system, which then sends the actual CHD to the processor. With tokenization, thieves cannot steal CHD from merchants because the tokens are stored in place of the actual CHD.
- Embodiments of the present disclosure relate to a system for sharing cardholder data (CHD).
- the system includes a tokenization system.
- the tokenization system may be configured to receive CHD of a cardholder, or customer, from a first merchant.
- the tokenization system can associate a token with the CHD in physical computer storage to thereby enable the token to be used to represent the CHD or, in some cases, in place of the CHD.
- the tokenization system may be configured to electronically transmit the token to the first merchant so as to enable the first merchant to perform a first transaction for the cardholder without having to store the CHD.
- the system may include a token-access granting system that includes computer hardware.
- the token-access granting system may be configured to receive an indication from the first merchant that one or more of the token and the CHD are to be shared with a second merchant. In response to receiving the indication, the token-access granting system may be configured to authorize the second merchant to access one or more of the token and the CHD, thereby enabling the second merchant to perform a second transaction for the cardholder.
- Additional embodiments of the present disclosure relate to a method for sharing a token associated with cardholder data (CHD) in a tokenization provider system to enable the sharing of cardholder data between users.
- the method may be performed by a token access system implemented in a computing system that includes one or more processors.
- the method may include generating a first set of words and associating the first set of words with a token.
- the token may be associated with CHD in a tokenization provider system.
- the method may further include associating, in computer memory of the token access system, the first set of words with a user.
- the method may include providing access to the first set of words to the user.
- the method may also include receiving user authentication information associated with the user and receiving a second set of words from the user.
- the method includes determining whether the user is authorized to use the token by at least authenticating the user based, at least in part, on the user authentication information, and determining whether the second set of words matches the first set of words.
- the method may include providing the user with electronic access to the token.
- Some embodiments of the present disclosure relate to a system for sharing cardholder data (CHD).
- This system may include a token acquisition system configured to provide CHD of a cardholder to a tokenization provider system. Further, the token acquisition system may be configured to receive electronically a token associated with the CHD so as to enable a first merchant associated with the token acquisition system to perform a first transaction for the cardholder without having to store the CHD.
- the system includes a token sharing system configured to provide to the tokenization provider system an indication that one or more of the token and the CHD are to be shared with a second merchant, thereby enabling the second merchant to perform a second transaction for the cardholder.
- FIG. 1 illustrates an example embodiment of a token-sharing environment.
- FIG. 2 illustrates a flow diagram for an example embodiment of a token provisioning process.
- FIG. 3 illustrates a flow diagram for an example embodiment of a process for accessing cardholder data.
- FIG. 4 illustrates a flow diagram for a second example embodiment of a token provisioning process.
- FIG. 5 illustrates a flow diagram for a second example embodiment of a process for accessing cardholder data.
- FIG. 6 illustrates a flow diagram for an example flow of information using a tokenization provider system.
- FIG. 7 illustrates an example embodiment of a user login interface.
- FIG. 8 illustrates an example embodiment of a user registration interface.
- FIG. 9 illustrates an example embodiment of a merchant selection interface.
- FIG. 10 illustrates an example embodiment of a populated merchant selection interface.
- FIG. 11 illustrates an example embodiment of a CHD access interface.
- FIG. 12 illustrates an example of a CHD provisioning interface.
- FIG. 13 illustrates an example embodiment of a token-sharing environment.
- FIG. 14 illustrates a flow diagram for an example embodiment of a process for accessing a token.
- FIG. 15 illustrates a flow diagram for a third example embodiment of a process for accessing cardholder data.
- FIG. 16 illustrates an example embodiment of a token access system.
- FIG. 17 illustrates a flow diagram for an example embodiment of an interactive voice response (IVR) based token sharing process.
- IVR interactive voice response
- FIG. 18 illustrates a flow diagram for an example embodiment of a token generation process.
- FIG. 19 illustrates an example embodiment of a token-sharing environment.
- FIG. 20 illustrates a flow diagram for a third example embodiment of a token provisioning process.
- FIG. 21 illustrates a flow diagram for a fourth example embodiment of a process for accessing cardholder data.
- FIG. 22 illustrates a flow diagram for an example embodiment of a token-provisioning process using a machine-readable code.
- FIG. 23 illustrates a flow diagram for an example embodiment of a process for accessing CHD using a machine-readable code.
- tokenization sometimes come at the expense of flexibility. Because a merchant that uses tokenization stores a token instead of cardholder data (CHD), the merchant cannot share the CHD with a second merchant. This inability to share CHD can affect the merchant's ability to fully service his or her customers. For example, many quality hotels will make restaurant reservations, order flowers, reserve theatre tickets, and provide a number of additional services for guests that help differentiate these quality hotels from lesser quality hotels. However, without access to CHD, it becomes more difficult if not impossible to provide guests with these aforementioned services.
- CHD cardholder data
- the lack of access to CHD by merchants that use third-party services, which take advantage of tokenization, can affect the ability of some merchants to charge for cancelled reservations.
- a golf course may work with a vacation reservation company to sell tee-times to vacationers. If a vacationer fails to show up without properly cancelling his or her reservation, the golf course may wish to charge the vacationer a cancellation fee.
- the vacation reservation company utilizes a tokenization service, the vacation reservation company will be unable to provide the golf course with the CHD.
- a merchant may desire to reacquire CHD.
- the merchant may want to process a transaction that includes interacting with a payment or credit card processor that is not supported by the tokenization gateway, which handles transactions on behalf of merchants that opt to use tokenization.
- One embodiment of the present disclosure provides a system and associated processes for sharing CHD between a merchant that uses tokenization and a second merchant that may or may not use tokenization.
- the merchant or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system.
- the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. If the second merchant is not registered with the tokenization provider system, the merchant and/or the tokenization provider system can invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the initial merchant associates with the second merchant.
- the second merchant identifies the token associated with the CHD to the tokenization provider system. If the merchant has given the second merchant access to the token, then the tokenization provider system can provide the second merchant with the CHD. In one embodiment, providing the CHD to the second merchant comprises the tokenization provider system performing a transaction using the CHD for the second merchant.
- the tokenization provider performing the transaction for the second merchant maintains the security advantages gained from tokenization because the second merchant can use the CHD without the second merchant viewing the CHD and without a copy of the CHD being sent to the second merchant's location.
- the second merchant can use the tokenization provider system, or the second merchant's tokenization provider system, to obtain a new token associated with the CHD and the second merchant.
- the second merchant can then take advantage of tokenization and avoid storing the CHD at the second merchant's location.
- providing the second merchant with access to the token and/or the CHD associated with the token comprises providing the second merchant with an authorization factor.
- This authorization factor is associated with one or more of the token, the CHD, and the second merchant.
- the tokenization provider system can request that the second merchant present the authorization factor as part of the user authentication process.
- use of the authorization factor prevents automated systems from accessing the token and/or CHD.
- use of the authorization factor increases the security of the CHD because, in certain embodiments, the CHD is protected by two levels of obscurity. A user attempting to access the CHD may be required to authenticate with the tokenization provider system and provide the authorization factor.
- the authorization factor can be associated with the CHD and the user thereby preventing a user who is authorized to access the tokenization provider system, but not the CHD from accessing the CHD.
- FIG. 1 illustrates an example embodiment of a token-sharing environment 100 .
- the token-sharing environment 100 can comprise a tokenization provider system 102 , a merchant environment 104 , and a third-party merchant environment 106 .
- the tokenization provider system 102 is associated with a tokenization provider (not shown) and can generally include any system capable of creating a token associated with CHD, storing the token and the CHD, and providing the token to a user (e.g. a merchant 142 ) of the tokenization provider system 102 . Further, the tokenization provider system 102 can generally include any system capable of performing a payment card transaction on behalf of the merchant 142 without the merchant 142 having or maintaining a copy of the CHD.
- This CHD can include any information associated with a customer of the merchant environment 104 and the customer's payment card that is necessary to process a payment transaction, but which the merchant 142 does not wish to store at the merchant environment 104 due to, for example, security-related expenses or concerns.
- the payment card can be any type of card that can facilitate completing the payment transaction.
- the payment card can be a credit card, debit card, or gift card.
- a tokenization provider system is the Dollars On The Net® solution from Shift4® Corporation of Las Vegas, Nev.
- the merchant environment 104 can generally include any product or service provider that accepts credit cards, or other types of payment cards, for payment and utilizes the tokenization provider system 102 for payment processing.
- the merchant environment 104 can be a hotel, an electronics store, a restaurant, an online ecommerce website, or a healthcare provider, to name a few.
- the merchant environment 104 may be associated with an organization, or merchant organization, that is affiliated with or owns one or more merchant environments. For example, assuming the merchant environment represents a hotel, the organization may be associated with a number of hotel locations and/or hotel chains.
- the merchant organization is a different organization than the tokenization provider.
- the merchant organization may be the same organization as the tokenization provider that is associated with the tokenization provider system 102 .
- the tokenization provider system 102 may represent, at least in part, the corporate headquarters for the merchant organization or it may represent a central processing facility for processing payment transactions for one or more locations of the merchant environment 104 .
- the merchant environment 104 may represent a store location owned by the merchant organization, or the merchant environment 104 may represent a franchisee.
- the third-party merchant environment 106 can generally include any product or service provider that accepts credit cards, or other types of payment cards, for payment and may or may not utilize the tokenization provider system 102 for payment processing.
- the third-party merchant environment 106 can be a flower shop, a hotel, a theatre, another ecommerce website, or a franchisee of the merchant environment 104 .
- the third-party merchant environment 106 may utilize a tokenization provider system that is not affiliated with the tokenization provider system 102 .
- the third-party merchant environment 106 includes a third-party merchant 162 .
- the third-party merchant 162 can represent any individual associated with the third-party merchant environment 106 .
- the merchant 142 can obtain CHD from a cardholder, or customer, (not shown) during a first or initial transaction.
- the POS 144 can provide the CHD to a token access system 122 , which is associated with the tokenization provider system 102 .
- the token access system 122 can provide the POS 144 with a token associated with the CHD. This token can be generated by the token access system 122 or a token generation system (not shown) that is associated with the tokenization provider system 102 .
- the POS 144 can then delete any CHD and can store the token at the token repository 152 , which is part of the merchant repository system 150 .
- the POS 144 can associate the token with a cardholder, or customer, profile associated with the cardholder, or customer, and stored at the customer profile repository 154 , which is part of the merchant repository system 150 .
- the token access system 122 can store the CHD and the token, as well as the relationship between the token and the CHD, at the token/CHD relationship repository 132 , which is part of the tokenization provider repository system 130 .
- the token access system 122 can generally include any system that can generate tokens associated with CHD and provide the tokens to a merchant environment 104 . Further, the token access system 122 can include any system that can regulate access to the tokens, and CHD associated with the tokens.
- the merchant repository system 150 can generally include any repository, database, or information storage system that can store information associated with the merchant environment 104 .
- the merchant repository system 150 comprises the token repository 152 and the customer profile repository 154 .
- the token repository 152 can generally include any system capable of storing tokens associated with CHD.
- the token repository 152 stores token identifiers associated with tokens stored at the tokenization provider system 102 .
- the token repository 152 stores hashed and/or encrypted versions of the token instead of, or in addition to, the token.
- the customer profile repository 154 can generally include any information associated with customers of the merchant environment 104 that the merchant environment 104 may store.
- the customer profile repository 154 may include the cardholder's or customer's identity, the customer's preferences (e.g. red flowers or a corner hotel room), and the customer's purchase history, to name a few.
- one or more of the token repository 152 and the customer profile repository 154 may store information linking an entry in the customer profile repository 154 with an entry in the token repository 152 thereby associating a token with a customer.
- the token repository 152 and the customer profile repository 154 can be combined or divided further.
- the tokenization provider repository system 130 can generally include any repository, database, or information storage system that can store information associated with the tokenization provider system 102 .
- the tokenization provider repository system 130 comprises a token/CHD relationship repository 132 , a token access repository 134 , and a CHD access log repository 136 .
- the token/CHD relationship repository 132 can generally include any system that can store CHD and tokens, as well as the relationship between the tokens and the CHD.
- the tokens and CHD may each be stored in a hashed and/or encrypted form.
- the token access repository 134 can generally include any system that can store information associated with identifying who can access the tokens and CHD maintained by the tokenization provider system 102 .
- the CHD access log repository 136 can generally include any system that can store information associated with token and CHD access by users of the tokenization provider system 102 . These users can include both users who use the tokenization provider system 102 for tokenization services (e.g. the merchant 142 ) and users who access the tokenization provider system 102 to access shared tokens or CHD (e.g. the third-party merchant 162 ). In one embodiment, the token/CHD relationship repository 132 , the token access repository 134 , and the CHD access log repository 136 can be combined or divided further.
- the merchant 142 provides the token or the token-identifier to the third-party merchant 162 using, for example, the computing system 146 thereby enabling the third-party merchant 162 to access CHD associated with the token at the tokenization provider system 102 .
- access to the CHD is generally on a limited basis.
- the third-party merchant 162 may only be able to access the CHD once, a small number of times, or for a predefined period (such as 15-minutes).
- access to the CHD is not so limited in other embodiments.
- the merchant 142 can remove access to the CHD from the third-party merchant 162 by requesting that the token access system 122 disassociate the token from the third-party merchant 162 .
- the merchant 142 provides token access to one or more users that have been pre-identified to the tokenization provider system 102 by the admin 148 using, for example, the computing system 146 .
- the admin 148 can remove access to the CHD from the one or more pre-identified users.
- the pre-identified users can be third-parties (e.g. the third-party merchant 162 ) and/or users associated with the merchant environment 104 (e.g. the merchant 142 ).
- the third-party merchant 162 accesses the token access system 122 via a computing system 164 or a POS 166 .
- the third-party merchant 162 authenticates with the token access system 122 and can then request the CHD associated with a token by providing a copy of the token or a token identifier associated with the token to a CHD access system 124 . If the third-party merchant 162 has been pre-authorized by the admin 148 to access the CHD, the CHD access system 124 can provide the third-party merchant 162 with access to the CHD. Once the third-party merchant 162 has gained access to the CHD, the third-party merchant 162 can process a transaction for the customer via the POS 166 using the CHD.
- the third-party merchant 162 can use the gateway 126 to process the transaction.
- gaining access to the CHD enables the third-party merchant 162 to view the CHD.
- gaining access to the CHD enables the third-party merchant 162 to perform a transaction with or without viewing the CHD.
- the CHD access system 124 causes the CHD to be displayed to the user via one or more of the POS 166 and the computing system 164 .
- the CHD access system 124 can generally include any system that can provide access to CHD associated with a token.
- the CHD access system 124 authenticates a user and determines whether the user is authorized to access the CHD before providing access to CHD associated with a token.
- the token access system 122 can log each access of the CHD or token at the CHD access log repository 136 , which is part of the tokenization provider repository system 130 .
- the token access system 122 or the CHD access system 124 , can log each access of the CHD or token at the CHD access log repository 136 , which is part of the tokenization provider repository system 130 .
- by logging each access of the CHD or token it can be determined if a potential unauthorized use of the CHD is attributable to the merchant 142 , the third-party merchant 162 , or some unrelated party.
- the POS 166 can generally represent any point-of-sale system that can process payment card transactions by communicating with the credit card processor 174 .
- the POS 166 communicates directly with the credit card processor 174 .
- the POS 166 communicates with the credit card processor 174 via the network 170 .
- the POS 166 may also communicate with the credit card processor 174 or the credit card processors 172 using the tokenization provider system 102 . Generally, this communication may occur if the third-party merchant environment 106 is also a customer of the tokenization provider system 102 .
- the POS 166 may use the tokenization provider system 102 to communicate with the credit card processors without the third-party merchant environment 106 being a customer of the tokenization provider system 102 .
- the third-party merchant 106 may be authorized to use the tokenization provider system 102 when initiating transactions that use CHD associated with a token provided by a party that is a customer of the tokenization provider system 102 , such as the merchant environment 104 .
- the POS 166 and the POS 144 can be similarly configured.
- the gateway 126 can generally include any system that can process transactions by providing CHD and transaction information to the credit card processors 172 either directly or via the network 170 on behalf of the merchant environment 104 .
- the computing systems 146 and 164 can generally include any computing device(s), such as desktops, laptops, and wireless mobile devices (e.g. smart phones, PDAs, tablets, or the like), to name a few.
- one or more of the merchant environment 104 and the third-party merchant environment 106 is associated with an ecommerce website.
- the computing systems 146 and 164 can also include video game platforms, television set-top boxes, televisions (e.g., internet TVs), and computerized appliances, to name a few.
- the computing systems 146 and 164 can include any computing device that can interact with the tokenization provider system 102 .
- providing access to a token and the CHD associated with the token comprises associating an authorization factor with the token.
- the merchant 142 can send the token and a merchant identifier associated with the third-party merchant 162 to the token access system 122 .
- the token access system 122 can use the authorization factor generator 128 to generate an authorization factor.
- the authorization factor can be associated with the token and the merchant identifier at the token access repository 134 .
- the token access system 122 can provide the authorization factor along with the token or token-identifier to the third-party merchant 162 enabling the third-party merchant 162 to access the CHD associated with the token at the tokenization provider system 102 .
- the merchant 142 provides the authorization factor to the third-party merchant 162 .
- the authorization factor generator 128 can generally include any system capable of generating or otherwise accessing an authorization factor.
- the authorization factor can include any factor that can be used to help authenticate the third-party merchant 162 and to prevent automated systems, possibly associated with malicious users, from attempting to obtain CHD access.
- the authorization factor can comprise a set of one or more random or pseudo-random words, numbers, symbols, images, sounds, or a combination of the same.
- the authorization factor can be non-random and may be associated with a defined algorithm.
- the authorization factor can be associated with a theme.
- the authorization factor can be a set of four random color words, car images, or rock music sound bites.
- the authorization factor can be a security question.
- the authorization factor can be in one or more languages.
- the words may be sets of random characters that may or may not spell a word as understood by, for example, the merchant 162 .
- the third-party merchant 162 authenticates with the tokenization provider system 102 .
- the third-party merchant 162 also provides both a token or token identifier and an authorization factor. If the authorization factor matches an authorization factor associated with the token and the token is associated with the third-party merchant 162 , then the CHD access system 124 can provide the third-party merchant 162 with access to the CHD associated with the token.
- the third-party merchant 162 must be registered with the tokenization provider system 102 , and have been granted access to the CHD by the merchant 142 .
- the admin 148 identifies the merchants, or users, to the tokenization provider system 102 that the merchant 142 can potentially provide token access. In one embodiment, the admin 148 identifies to the tokenization provider system 102 the employees of the merchant environment 104 that can share token access with other merchants, or users.
- the authorization factor is presented to the third-party merchant 162 via a human-detection test, such as a captcha, reverse Turing test, or other challenge-response test.
- the authorization factor is presented to the third-party merchant via a RSA hardware authenticator.
- a phone-verification system (not shown) associated with the tokenization provider system 102 can contact the third-party merchant 162 to request verification that the third-party merchant 162 is attempting to access the CHD associated with a token.
- use of the phone-verification system can advantageously prevent attempts at automated CHD access by malicious programs.
- one or more of the token access system 122 , the CHD access system 124 , and the authorization factor generator 128 can be located at the merchant environment 104 .
- the merchant environment 104 represents an electronics store and the third-party merchant environment 106 represents an extended warranty provider.
- the extended warranty provider is contracted with the merchant environment 104 to provide extended warranties to customers of the merchant environment 104 who opt to purchase an extended warranty with their electronic purchase.
- a customer who is attempting to purchase a television may provide CHD to the merchant environment 104 .
- the merchant environment 104 may then provide the CHD to the tokenization provider system 102 .
- the tokenization provider system 102 processes the transaction and returns a token associated with the CHD to the merchant environment 104 which stores the token and associates the token with the customer. Now, assume the customer decides to purchase the extended warranty for the television.
- the merchant environment 104 can authorize the third-party merchant environment 106 to use the token.
- the third-party merchant environment 106 can then access the tokenization provider system 102 and request the CHD associated with the token, thereby enabling the third-party merchant 106 to process the extended warranty transaction for the customer.
- the third-party merchant environment 106 can request that the tokenization provider system 102 process the extended warranty transaction using the CHD associated with the token.
- FIG. 2 illustrates a flow diagram for an example embodiment of a token provisioning process 200 .
- the process 200 can be implemented by any system that can generate and associate a token with CHD on behalf of a merchant 142 and can provide a second merchant, such as the third-party merchant 162 , with access to the token.
- the process 200 in whole or in part, can be implemented by one or more of the token access system 122 , the CHD access system 124 , and the gateway 126 .
- the second merchant can be a merchant that is associated with the merchant 142 , such as an employee of the merchant 142 .
- the process 200 will be described as being generally implemented by the token access system 122 .
- the process 200 begins at block 202 , where, for example, the token access system 122 receives CHD from the merchant 142 .
- the token access system 122 generates a token.
- This token can be any piece of random or pseudo-random globally unique data that can be stored by the merchant 142 in place of the CHD.
- the token can include alphanumeric characters, symbols, pictures, sounds, video, etc.
- the token may include a set of four words that may be English words, words in any other language, or words from multiple languages.
- a user can provide the token to a system, such as the token access system 122 , using a user interface configured according to the type of token.
- the user interface may include a set of text fields.
- the interface may receive input from a musical keyboard or may map different keys on a computer keyboard to different sounds.
- the keys that map to the sounds may differ each time the user attempts to provide the token using the user interface thereby reducing the possibility that a user can learn a set of letters in place of the sound-based token.
- the token can be based on a theme.
- using easily remembered tokens such as English words associated with a theme (e.g., animals, colors, etc.) facilitates a user remembering the token.
- accessing the CHD using the token may require authentication of a user as well as determining the user's authorization to use the token.
- using a token that is designed to be relatively easy to remember does not reduce the security benefits of tokenization.
- the token may include multiple types of data, e.g., the token could be any combination of words, images, sounds, or video.
- the token may include a word, a set of random characters, and five musical notes.
- the token value or contents can be used to facilitate generating the token.
- the token differs from an encrypted version of the CHD and thus, cannot be manipulated to obtain the CHD.
- the token can be an encrypted form of the CHD or a combination of encrypted CHD and false non-CHD.
- the token may be formatted in a card-swipe compatible format. Further, in some cases, the token may be formatted to be processed by one or more systems (e.g., Point of Sale systems) as if the token were CHD. Moreover, the token may be configured to replace CHD or a Primary Account Number (PAN) included with the CHD with a surrogate value. Typically, this surrogate value is unique and is generated to not include a valid PAN or CHD.
- PAN Primary Account Number
- a single token exists at any given time per CHD. However, at different points in time, a different token may be associated with a particular CHD. In some embodiments, the token is, at least in part, algorithmically generated.
- the token access system 122 associates the token with the CHD.
- the relationship between the token and the CHD is stored at the token/CHD relationship repository 132 .
- the token access system 122 may also associate the token with the merchant 142 . This relationship may also optionally be stored at the token/CHD relationship repository 132 .
- there may exist a number of tokens and sets of CHD data For example, there may be one, a hundred, a thousand, ten-thousand, a million, or more tokens and sets of CHD data.
- the token access system 122 may maintain relationships between a number of tokens and sets of CHD data, including, one, a hundred, a thousand, ten-thousand, etc.
- one token is associated with one set of CHD data.
- a token may be associated with multiple sets of CHD data and/or a set of CHD data may be associated with multiple tokens.
- multiple merchants may have obtained a set of CHD from a customer, and as a result, if more than one of the merchants uses tokenization, it is possible for multiple tokens to be associated with one set of CHD.
- the token access system 122 provides the token to the merchant 142 .
- providing the token to the merchant 142 enables the merchant to perform transactions without the CHD.
- the merchant 142 can identify the token and provide transaction details, for example, to the gateway 126 or the token access system 122 .
- the gateway 126 can then process the transaction on behalf of the merchant 142 .
- the merchant 142 can store the token at the token repository 152 .
- the merchant 142 can perform a transaction using the CHD without directly accessing, viewing, or maintaining a copy of the CHD at the merchant environment 104 .
- the token access system 122 receives a request to associate the token with a second merchant, such as the third-party merchant 162 .
- the request comprises receiving one or more of an identifier, contact information, and account information associated with the third-party merchant 162 .
- this information does not include information that the third-party merchant 162 uses to access the tokenization provider system 102 .
- the identifier or account information may include a public identifier that the third-party merchant 162 can share with merchants who wish to grant the third-party merchant 162 with token access, but generally the public identifier is distinct from an identifier the third-party merchant 162 uses to identify itself to the tokenization provider system 162 .
- the public identifier and the login identifier may be the same.
- the request comprises receiving the identity of the token.
- the request comprises receiving a copy of the token.
- the token access system 122 authorizes the second merchant (e.g. the third-party merchant 162 ) to access the token at block 212 .
- authorizing access to the token comprises authorizing access to the CHD.
- block 212 can also comprise informing the second merchant that the second merchant, or an account associated with the second merchant, is authorized to access the token and/or CHD.
- informing the second merchant of the authorization can comprise emailing, texting, leaving a voice message, or providing an alert via the POS 166 , the computing system 164 , or an account page associated with the third-party merchant 162 at the tokenization provider system 102 .
- authorizing the second merchant to access the token comprises providing a copy of the token and/or an identifier associated with the token to the second merchant.
- the token access system 122 stores the relationship between the second merchant and the token and/or CHD at the token access repository 134 .
- FIG. 3 illustrates a flow diagram for an example embodiment of a process 300 for accessing cardholder data.
- the process 300 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162 , with CHD associated with a token, which was created in response to a first merchant, such as the merchant 142 , providing the CHD to the system or a related system.
- the process 300 in whole or in part, can be implemented by one or more of the token access system 122 , the CHD access system 124 , and the gateway 126 .
- the second merchant can be a merchant that is associated with the merchant 142 , such as an employee of the merchant 142 .
- the process 300 can be used by the merchant 142 , who initially provided the CHD, or an employee of the merchant 142 , to retrieve the CHD. Although any number of systems, in whole or in part, can implement the process 300 , to simplify discussion, the process 300 will be described as being generally implemented by the CHD access system 124 .
- the process 300 begins at block 302 , where, for example, the CHD access system 124 receives user authentication information associated with, for example, the third-party merchant 162 .
- This user authentication information can generally include any information that can be used to authenticate the third-party merchant 162 .
- the user authentication information can include: a user name, a password, a RSA token code (e.g. a code produced by an RSA SecurIDTM hardware authenticator), and the response to a challenge-response test, such as a human-detection test response (e.g. a captcha response) or an answer to a security question.
- a human-detection test response e.g. a captcha response
- the CHD access system 124 determines, based at least in part on the user authentication information, if the third-party merchant 162 is authorized to access the tokenization provider system 102 , or any system associated with the tokenization provider system 102 . If the third-party merchant 162 is not authorized to use the tokenization provider system 102 , the CHD access system rejects the third-party merchant 162 at block 306 . In one embodiment, rejecting the third-party merchant 162 can comprise initiating a registration process that enables the third-party merchant 162 to register with the tokenization provider system 102 . In one embodiment, rejecting the third-party merchant 162 can comprise providing an error message to the third-party merchant 162 .
- the CHD access system 124 receives a token from the third-party merchant 162 at block 308 .
- the CHD access system 124 accesses the token pre-associated with the third-party merchant 162 by the merchant 142 from the token access repository 134 .
- receiving the token comprises receiving a token identifier associated with the token.
- receiving the token includes receiving a request to access CHD associated with the token.
- the CHD access system 124 determines if the third-party merchant 162 is authorized to use the token. In one embodiment, to determine if the third-party merchant 162 is authorized to use the token, the CHD access system 124 determines if the third-party merchant 162 is associated with the token at the token access repository 134 .
- the CHD access system 124 rejects the third-party merchant's 162 request to access the CHD associated with the token at block 312 .
- rejecting the third-party merchant's 162 request can include logging the third-party merchant's 162 request at the CHD access log repository 136 .
- rejecting the third-party merchant's 162 request can include informing the merchant 142 of the third-party merchant's 162 attempt to use the token and/or access the CHD associated with the token.
- the tokenization provider system 102 in response to the third-party merchant's 162 failed attempt to access the CHD, can replace the token at the tokenization provider system 102 and the merchant environment 104 with a new token.
- the CHD access system 124 provides access to CHD associated with the token at block 314 .
- providing access to the CHD comprises providing the CHD to one or more of the POS 166 and the computing system 164 .
- the third-party merchant 162 can view the CHD.
- the third-party merchant 162 can initiate a transaction using the CHD at the POS 166 , but without viewing the CHD.
- providing access to the CHD comprises the gateway 126 performing a transaction using the CHD on behalf of the third-party merchant 162 .
- providing the third-party merchant 162 with access to the CHD can include logging the third-party merchant's 162 access of the CHD at the CHD access log repository 136 .
- the CHD access system 124 removes the third-party merchant's 162 authorization to use the token, and consequently, the third-party merchant's 162 authorization to access the CHD at the tokenization provider system 102 .
- removing the third-party merchant's 162 authorization to use the token can comprise disassociating the token and the third-party merchant 162 at the token access repository 134 .
- the threshold for removing the third-party merchant's 162 authorization to use the token can be based on any predetermined event. For example, authorization can be removed after the third-party merchant 162 uses the token or accesses the CHD a pre-determined number of times, such as once or five-times.
- authorization can be removed after a pre-defined time period, such as 15-minutes from the time merchant 142 authorizes the third-party merchant 162 to use the token, or 10-minutes from the time that the third-party merchant 162 access the CHD using the token.
- block 316 is optional.
- FIG. 4 illustrates a flow diagram for a second example embodiment of a token provisioning process 400 .
- the process 400 can be implemented by any system that can generate and associate a token with CHD on behalf of a merchant 142 and can provide a second merchant, such as the third-party merchant 162 , with access to the token.
- the process 400 in whole or in part, can be implemented by one or more of the token access system 122 , the CHD access system 124 , and the gateway 126 .
- the second merchant can be a merchant that is associated with the merchant 142 , such as an employee of the merchant 142 .
- the process 400 will be described as being generally implemented by the token access system 122 .
- the process 400 can be used to provide either a third-party merchant (e.g. the third-party merchant 162 ), or an employee of the merchant 142 or the merchant environment 104 (e.g. the merchant 142 ) with access to a token or CHD associated with the token.
- a third-party merchant e.g. the third-party merchant 162
- an employee of the merchant 142 or the merchant environment 104 e.g. the merchant 142
- the process 400 will be described as being used to provide the third-party merchant 162 with access to the token or CHD associated with the token.
- the process 400 begins at block 402 , where, for example, the token access system 122 receives user authentication information associated with the merchant 142 .
- This user authentication information can comprise any information necessary for the token access system 122 to authenticate the merchant 142 .
- the user authentication information can comprise a user name, a password, and a RSA token code, to name a few.
- the token access system 122 determines if the merchant 142 is authorized to grant a second merchant access to a token. In one embodiment, granting the second merchant access to the token can include granting the second merchant the ability to use the token to process a transaction. In one embodiment, decision block 404 comprises determining if the merchant 142 is authorized to access one or more of the tokenization provider system 102 , the token access system 122 and the gateway 126 . In one embodiment, the merchant 142 may have access to the tokenization provider system 102 without having permission to access all of the systems associated with the tokenization provider system 102 .
- the merchant 142 may have access to the gateway 126 enabling the merchant 142 to process transactions for a customer, but may not have access to the token access system 122 thereby preventing the merchant 142 from providing token access to a second merchant.
- the admin 148 determines the merchant's 142 level of access to the tokenization provider system 102 .
- the admin 148 can configure an account associated with the merchant 142 and the tokenization provider system 102 to restrict the merchant's 142 level of access to one or more of systems, tokens, and CHD associated with the tokenization provider system 102 .
- the token access system 122 rejects the merchant 142 from further accessing the token access system 122 at block 406 . If the merchant 142 is authorized to grant token access to a second merchant, the token access system 122 receives the identity of a token from the merchant 142 at block 408 . Receiving the identity of the token can comprise receiving a token or receiving a token identifier associated with the token. Further, receiving the identity of the token may include receiving a customer record that is associated with a token.
- the merchant 142 can grant token access without knowing the token value, knowing that a token exists, or having any understanding of how tokenization works.
- the token access system 122 verifies that the merchant 142 provided a token associated with the merchant 142 or the merchant environment 104 . If the token is not associated with the merchant 142 or the merchant environment 104 , the token access system can reject the token. In one embodiment, the token access system 122 can also lock the merchant 142 out of the tokenization provider system 102 , log the merchant's 142 actions at the CHD access log repository 130 , report the access attempt to the admin 148 , or combinations of the same.
- the token access system 122 receives the identity of the third-party merchant 162 , the user whom the merchant 142 wishes to grant token access.
- the token access system 122 receives the identity of the third-party merchant environment 106 or an organization associated with the third-party merchant environment 106 .
- receiving the identity of the third-party merchant 162 comprises receiving the identity of a merchant account associated with the tokenization provider system 102 and the third-party merchant 162 .
- the identity can include any information that identifies the third-party merchant 162 , or third-party merchant environment 106 , to the tokenization provider system 102 .
- the identifying information may include an e-mail address, a phone number, or any other contact information.
- providing contact information as an identifier enables the merchant 142 to identify a third-party merchant 162 that has not yet registered with the tokenization provider system 102 or without knowing the third-party merchant's 162 unique identifier.
- the token access system 122 may also receive a time-based or event-based set of conditions associated with the third-party merchant 162 that limits the third-party merchant's 162 access to the CHD.
- the conditions may limit the time-period in which the third-party merchant 162 can access the CHD or the number of times the third-party merchant 162 can access the CHD using the token.
- the conditions can include a monetary limit.
- setting a monetary limit can prevent a third-party merchant 162 from quoting one price to a customer or merchant 142 while charging a higher price once access to the CHD is obtained.
- the admin 148 may also pre-define the set of conditions such that each time the merchant 142 provides a third-party merchant with CHD access, the set of conditions are automatically associated with the CHD access.
- the token access system 122 determines if the third-party merchant 162 is authorized to access tokens. This determination can comprise determining if the third-party merchant 162 is registered with the tokenization provider system 102 and/or if the third-party merchant 162 is authorized to access tokens associated with the merchant environment 104 . If the third-party merchant 162 is not authorized to access tokens, the token access system 122 rejects the merchant selection of the third-party merchant 162 at block 414 . In some embodiments, rejecting the merchant selection can comprise sending a registration request to or initiating a registration process with the third-party merchant 162 . In some embodiments, rejecting the merchant selection can comprise requesting that the admin 148 authorize the third-party merchant 162 to access tokens associated with the merchant environment 104 , if so desired.
- the token access system 122 If the third-party merchant 162 is authorized to access tokens, the token access system 122 generates a set of random words at block 416 using, for example, the authorization factor generator 128 . Alternatively, the token access system 122 can generate any other type of authentication factor using, for example, the authorization factor generator 128 , as described above with respect to FIG. 1 .
- the set of random words are associated with the token identified at block 408 .
- the set of random words are associated with the third-party merchant 162 . In one embodiment, the set of random words are associated with a merchant account associated with the third-party merchant environment 106 . An employee associated with the third-party merchant environment 106 that has access to the merchant account can then use the set of random words and obtain access to the token and associated CHD as described with respect to FIG. 5 .
- the set of random words are provided to the third-party merchant 162 .
- the set of random words can be provided by any type of communication.
- the token access system 122 can provide the set or random words by email, text, or voicemail, to name a few.
- the set of random words are provided to the merchant 142 .
- the merchant 142 can then provide the set of random words to the third-party merchant 162 .
- performing block 422 can further comprise performing block 212 as described with respect to FIG. 2 .
- the set of random words are provided in an encrypted format to the third-party merchant 162 .
- the third-party merchant 162 can then decrypt the encrypted set of random words.
- the set of random words can be provided in clear text.
- malicious users are prevented from using the set of random words to access the token and/or CHD associated with the token.
- FIG. 5 illustrates a flow diagram for a second example embodiment of a process 500 for accessing cardholder data.
- the process 500 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162 , with CHD associated with a token, which was created in response to a first merchant, such as the merchant 142 , providing the CHD to the system or a related system.
- the process 500 in whole or in part, can be implemented by one or more of the token access system 122 , the CHD access system 124 , and the gateway 126 .
- the second merchant can be a merchant that is associated with the merchant 142 , such as an employee of the merchant 142 .
- the process 500 can be used by the merchant 142 , who initially provided the CHD, or an employee of the merchant 142 , to retrieve the CHD. Further, the process 500 can be used by the third-party merchant 162 to access CHD from any number of merchants who have authorized the third-party merchant 162 to use their tokens. Although any number of systems, in whole or in part, can implement the process 500 , to simplify discussion, the process 500 will be described as being generally implemented by the CHD access system 124 .
- the process 500 begins at block 502 , where, for example, the CHD access system 124 receives user authentication information associated with the third-party merchant 162 .
- This user authentication information can generally include any information that can be used to authenticate the third-party merchant 162 .
- the user authentication information can include: a user name, a password, a RSA token code, and the response to a challenge-response test, such as a captcha response or an answer to a security question.
- the CHD access system 124 determines, based at least in part on the user authentication information, if the third-party merchant 162 is authorized to access the tokenization provider system 102 , or any system associated with the tokenization provider system 102 .
- decision block 504 can include determining if the third-party merchant 162 is registered with the tokenization provider system 102 .
- decision block 504 can include determining if the merchant 142 , or the admin 148 , has provided the third-party merchant 162 with access to tokens associated with the merchant 142 or the merchant environment 104 .
- rejecting the third-party merchant 162 can comprise initiating a registration process that enables the third-party merchant 162 to register with the tokenization provider system 102 . In one embodiment, rejecting the third-party merchant 162 can comprise providing an error message to the third-party merchant 162 .
- the CHD access system 124 receives a set of words from the third-party merchant 162 at block 508 . Alternatively, or additionally, the CHD access system 124 receives any authorization factor generated by the authorization factor generator 128 and provided to the third-party merchant 162 as part of the implementation of the process 400 .
- the CHD access system 124 determines if the set of words received from the third-party merchant 162 match a set of random words associated with a token. In one embodiment, the third-party merchant 162 also identifies the token. Alternatively, the CHD access system 124 identifies the token by determining if there exists any token associated with a set of random words that match the received set of words and if so, the CHD access system 124 determines if the third-party merchant 162 is authorized to access that token.
- the CHD access system 124 rejects the third-party merchant 162 at block 506 .
- Rejecting the third-party merchant 162 can comprise causing an error message to be presented to the third-party merchant 162 . Further, in some embodiments, rejecting the third-party merchant 162 can cause an account associated with the third-party merchant 162 to be deactivated or suspended.
- the CHD access system 124 accesses the token associated with the set of random words at, for example, the tokenization provider repository system 130 .
- the CHD access system 124 obtains CHD associated with the token.
- the CHD access system 124 provides the third-party merchant 162 with access to the CHD over a secure connection.
- the CHD is provided via the network 170 .
- the CHD is provided to the computing system 164 at block 516 .
- the computing system 164 can then provide the CHD directly to the POS 166 and/or cause the CHD to be presented to the third-party merchant 162 .
- the CHD is provided to the POS 166 at block 516 .
- the POS 166 can then provide the CHD to the credit card processor 174 to complete a transaction.
- providing the third-party merchant 162 with access to the CHD can comprise the CHD access system 124 receiving transaction information associated with a requested transaction.
- the CHD access system 124 can then provide the CHD and the transaction information to the gateway 126 , which can then process the transaction using the credit card processors 172 .
- the third-party merchant 162 is able to use the CHD without the CHD being presented to the third-party merchant 162 .
- a subset of the CHD is presented to the third-party merchant 162 enabling the third-party merchant 162 to log the transaction and/or to verify that the transaction is associated with the correct CHD or customer.
- the CHD access system 124 may verify that the value of the transaction does not exceed a pre-defined transaction-limit associated with the third-party merchant's 162 access of the CHD. If the transaction-limit is exceeded, the CHD access system 124 can reject the transaction. Further, the CHD access system 124 can report the attempted transaction to the merchant 142 or the admin 148 . The CHD access system 124 can also report successful transactions to the merchant 142 thereby enabling the merchant 142 to verify that the third-party merchant 162 processed the transaction for the merchant's 142 customer.
- the CHD access system 124 logs each access and/or attempted access of the token and/or CHD at the CHD access log repository 136 .
- the CHD access log repository 136 can be accessed to determine what parties may have accessed the token and/or CHD around the time associated with the disputed credit card use.
- the CHD access system 124 disassociates the set of random words from the token and the third-party merchant 162 .
- disassociating the set of random words can include deleting or removing the words from the tokenization provider system 102 .
- block 518 is performed in response to the third-party merchant 162 accessing the token and/or CHD.
- block 518 is performed in response to a pre-defined event.
- This pre-defined event can include any event associated with the token and/or CHD.
- the pre-defined event can comprise: the number of times the set of random words have been provided by the third-party merchant 162 to the tokenization provider system 102 (e.g. once, or five times); the length of time since the set of random words were associated with the token (e.g. 15-minutes); or the length of time since the third-party merchant 162 first accessed the token and/or CHD, to name a few.
- the CHD access system 124 may disassociate the set of random words from the token without the third-party merchant 162 having ever accessed or attempted to access the CHD. For example, if the pre-defined event is a time-limit or time-period, the CHD access system 124 can disassociate the set of random words from the token at the expiration of the time-limit or time-period whether or not the third-party merchant 162 accessed the CHD. In addition, if the owner of the token (e.g.
- the token owner can access the tokenization provider system 102 and remove the third-party merchant's 162 authorization to access the token, and thus the CHD associated with the token. Removing the authorization to access the token may include disassociating the set of random words from the token prior to the pre-defined event occurring.
- the third-party merchant 162 can communicate with the CHD access system 124 using any secure system.
- the third-party merchant 162 can provide the user authentication information or the set of random words using a secure portal or webpage associated with the tokenization provider system 102 .
- the third-party merchant 162 can use a virtual private network (VPN) or a secure application obtained from the tokenization provider system 102 to access the tokenization provider system 102 and to provide the user authentication information or the set of random words to the CHD access system 124 .
- VPN virtual private network
- a merchant can use the process 200 or 400 to reduce CHD misuse or the misappropriation of CHD by a malicious user because the CHD is not stored with the merchant.
- the merchant can provide CHD to a third-party merchant who may not be a customer of the tokenization provider system or who may not be capable of interacting with the tokenization provider system due to, for example, differing CHD processing systems or legal regulations in the third-party merchant's country or jurisdiction.
- the merchant can use the process 300 or 500 to require CHD to complete a transaction with a bank or credit card processor whose payment card processing systems may not be capable of interacting with the tokenization provider system.
- FIG. 6 illustrates a flow diagram for an example flow 600 of information using a tokenization provider system 606 .
- Some or all of the systems described herein can be used to facilitate the flow illustrated in FIG. 6 .
- the interaction with the merchant 604 can be via a computing system associated with the merchant 604 .
- interaction with the third-party merchant may be via a POS.
- the flow 600 begins at event 1 with the customer 602 providing CHD to the merchant 604 .
- This CHD is then provided by the merchant 604 to the tokenization provider system 606 at event 2 .
- the tokenization provider system 606 generates a token and associates the token with the CHD.
- This token is provided to the merchant at event 4 .
- the merchant 604 can store the token in place of the CHD and can destroy or not save any copies of the CHD that the merchant 604 received.
- the merchant 604 generates the token or at least a portion of the token instead of (or in addition to) the tokenization provider system 606 .
- the customer 602 provides a product or service request to the merchant 604 for a product or service that may be provided by the third-party merchant 608 .
- the request may be for opera tickets, flowers, or for an appointment at a spa.
- the merchant 604 authorizes the third-party merchant 608 to access the token at the tokenization provider system 606 by communicating the authorization to the tokenization provider system 606 .
- the tokenization provider system 606 at event 7 , generates an authorization factor, such as a set of four random words, and associates the third-party merchant with the authorization factor and the token.
- the tokenization provider system 606 provides the authorization factor to the merchant 604 , such as by email or through a web-portal.
- the merchant 604 provides the authorization factor and the customer's 602 product or service request to the third-party merchant 608 at event 9 .
- the third-party merchant 608 authenticates with the tokenization provider system 606 .
- the third-party merchant 608 also provides the authorization factor to the tokenization provider system 606 at event 10 .
- authenticating and providing the authorization factor may be two separate events.
- the tokenization provider system 606 provides access to the CHD associated with the token at event 11 .
- providing access to the CHD may include providing the CHD to the third-party merchant 608 .
- the flow of information illustrated in FIG. 6 is for illustrative purposes and is not intended to be limiting.
- the tokenization provider system 606 instead of, or in addition to, the tokenization provider system 606 providing the authorization factor to the merchant 604 at event 8 , the tokenization provider system 606 can provide the authorization factor to the third-party merchant 608 .
- FIGS. 7-12 illustrate several non-limiting embodiments of interface screens that can be electronically generated by one or more of the tokenization provider system 102 , the token access system 122 , or any other system that can regulate the access of CHD associated with a token.
- GUIs Graphical User Interfaces
- the interface screens are not limited as such.
- the interface screens can include command-line interfaces (CLIs), three-dimensional interfaces, or a combination of interface types.
- a user such as the third-party merchant 162 can access the interface screens illustrated in FIGS. 7-12 using a POS 166 , a computing system 164 , or the like.
- some or all of the interface screens may be included as part of a web-based or Internet-based software application that is accessed via a network 170 .
- some or all of the interface screens may be part of a client-side software application stored locally, such as on the computing system 164 , which can communicate over the network 170 with a server-side application stored on, for example, the token access system 122 .
- FIG. 7 illustrates an embodiment of a user login interface 700 .
- the user login interface 700 enables a user (e.g. the third-party merchant 162 ) who desires to access CHD associated with another user's token (e.g. the merchant 142 or organization associated with the merchant 142 ) to access the token access system 122 .
- users who desire to provide token access to another party e.g. a user or organization
- the third-party merchant 162 can provide a user name and password using the login panel 702 to authenticate with the token access system 122 .
- Other authentication mechanisms are possible.
- the login panel 702 can present the third-party merchant 162 with an opportunity to present a unique cryptographic identifier or key.
- This key in certain embodiments, can then be matched to or decrypted with a corresponding public key to authenticate the third-party merchant 162 .
- the user login interface 700 includes a registration link 704 .
- This registration link 704 can be used to direct an unregistered user to a registration screen, such as the user registration interface 800 depicted in FIG. 8 .
- the user login interface 700 can also include a login link 706 that can be used to direct a user (e.g. the merchant 142 ) who is registered with the tokenization provider system 102 to another login interface.
- This additional login interface can be user by subscribers of the tokenization provider system 102 to manage token access, such as to grant token access to third-party merchant organizations and/or users.
- FIG. 8 illustrates an embodiment of a user registration interface 800 .
- the user registration interface 800 enables a user to register with the token access system 122 by providing, for example, contact information, a username, and a password.
- the user registration interface 800 can be used, for example, by the third-party merchant 162 of FIG. 1 , who may not necessarily be a customer of the provider of the tokenization provider system 102 .
- the third-party merchant 162 can access CHD associated with tokens that have been associated with the third-party merchant 162 or the third-party merchant environment 106 by the user who is a customer of the organization associated with the tokenization provider system 102 .
- a merchant 142 or an organization associated with the merchant environment 104 that is a customer of the organization associated with the tokenization provider system 102 can use the user registration interface 800 to register an account with the token access system 122 .
- this enables merchants to share access to CHD and/or tokens with other merchants whether or not the other merchants are customers of the tokenization provider system 102 .
- FIG. 9 illustrates an embodiment of a merchant selection interface 900 .
- the merchant selection interface 900 enables a user (e.g. the third-party merchant 162 ) to select or connect to another user or associated organization (e.g. a merchant 142 , a merchant environment 104 , or an organization associated with the merchant environment 104 ) that has provided token access to the user or an organization associated with the user (e.g. the user's employer).
- the third-party merchant 162 can use the merchant selection interface 900 to select the organization associated with the merchant environment 104 .
- the third-party merchant 162 can select the merchant environment 104 .
- the merchant organization is a hotel chain
- the third-party merchant 162 can select a specific franchise, location, or branch of the hotel chain using the merchant selection interface 900 .
- the merchant selection interface 900 enables the third-party merchant 162 to select any organization (or user) registered with the tokenization provider system 102 .
- the merchant selection interface 900 may be configured to enable the third-party merchant 162 to select organizations (or users) that are currently sharing a token with the third-party merchant 162 .
- the third-party merchant 162 may be able to select any organization (or user) that has shared a token with the third-party merchant 162 at some point, whether or not the organization is currently sharing a token with the third-party merchant 162 .
- the merchant selection interface 900 can include an existing connections panel 902 .
- the existing connections panel 902 can list some or all of the users or organizations with whom the third-party merchant 162 is currently connected. In some embodiments, the existing connections panel 902 may list organizations that are sharing a token with the third-party merchant 162 . Alternatively, the existing connections panel 902 may list any organization with which the third-party merchant 162 has established a connection. In some embodiments, the third-party merchant 162 can select organizations with which to connect. For some embodiments, organizations that are sharing tokens with the third-party merchant 162 (or an associated organization) are automatically connected to the third-party merchant 162 and may automatically be listed on the existing connections panel 902 .
- the existing connections panel 902 can list connections in any order.
- the existing connection panel 902 may list the organizations that are currently sharing a connection before displaying other connections.
- organizations may be listed in alphabetical order, by frequency of access, or based on when the organization was added to the list.
- the merchant selection interface 900 can include one or more search fields 904 for locating organizations that may have shared a token with the third-party merchant 162 (or an associated organization).
- These search fields 904 can include, for example, a name field, a city field, an address field, or a product or service field (e.g. electronics, hospitality, restaurants, etc.), to name a few.
- the search fields 904 may be used to search for an organization that is known to the tokenization provider system 102 or that has registered with the tokenization provider system 102 .
- the results list 906 can list the organizations identified based on the information supplied to the search fields 904 . Although illustrated as a drop-down list, the results list 906 is not limited as such and may include any type of GUI element, or other interface element, for displaying the list of results. For example, the results list 906 may include a dialog box, pop-up dialog box, a combo box, or other GUI element.
- FIG. 10 illustrates an example embodiment of a populated merchant selection interface 1000 .
- the populated merchant selection interface 1000 is substantially similar to the merchant selection interface 900 .
- the search fields 904 and the results list 906 of the populated merchant selection interface 1000 illustrate sample search information and sample results respectively.
- FIG. 11 illustrates an example embodiment of a CHD access interface 1100 .
- the CHD access interface 1100 enables the third-party merchant 162 (or other user) to access CHD associated with a token that has been shared with the third-party merchant 162 or an associated organization of the third-party merchant 162 .
- the third-party merchant 162 can provide an authorization factor associated with the token that is associated with the CHD.
- the authorization factor can be, for example, a set of four words.
- the third-party merchant 162 can provide the authorization factor via authorization fields 1102 .
- Authorization fields 1102 can include any GUI element for providing the authorization factor including, for example, a GUI element that allows for the uploading of an authentication file, such as a cryptographic key associated with the third-party merchant 162 .
- the authorization fields 1102 include four text fields for entering the authorization factor.
- the CHD access interface 1100 may also include a challenge-response mechanism 1104 .
- This challenge-response mechanism 1104 can include any mechanism for preventing automated systems, such as Internet bots, from accessing CHD using the CHD access interface 1100 .
- the challenge-response mechanism can include a security question, a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) (as illustrated in FIG. 11 ), combinations of the same, or the like.
- CATCHA Completely Automated Public Turing test to tell Computers and Humans Apart
- FIG. 12 illustrates an example of a CHD provisioning interface 1200 .
- the CHD provisioning interface 1200 can present CHD via CHD fields 1204 to a user, such as the third-party merchant 162 . Further, the CHD provisioning interface 1200 can include a timer 1202 that identifies how much time is remaining for the third-party merchant 162 to access the CHD before the CHD is cleared from the CHD provisioning interface 1200 .
- the CHD provisioning interface 1200 includes GUI fields for specifying a transaction.
- the tokenization provider system 102 can perform the transaction for the third-party merchant 162 .
- the CHD provisioning interface 1200 may not present the CHD to the third-party merchant 162 .
- the CHD provisioning interface 1200 may present the status of the transaction, including a confirmation value.
- FIG. 13 illustrates an example embodiment of a token-sharing environment 1300 .
- the token-sharing environment 1300 illustrates an example embodiment of merchant environments managing, at least in part, their own token access systems. Further, the token-sharing environment 1300 illustrates an example of a third-party merchant environment 1306 accessing tokens from other merchant environments (e.g., the merchant environment 1304 ).
- Reference numbers from FIG. 1 are re-used to indicate correspondence between referenced elements in FIG. 1 and in FIG. 13 and, to simplify discussion, descriptions of these corresponding elements are not repeated with respect to FIG. 13 .
- the token-sharing environment 1300 can include a tokenization provider system 1302 , a merchant environment 1304 , and a third-party merchant environment 1306 . Further, the token-sharing environment 1300 may include one or more merchant environments 1380 . In addition, although not depicted, the token-sharing environment 1300 may include a number of credit card processors.
- FIG. 13 does not illustrate any systems or subsystems associated with the tokenization provider system 1302
- the tokenization provider system 1302 may include some or all of the systems included by the tokenization provider system 102 . Further, the tokenization provider system 1302 may include some or all of the embodiments described above with relation to the tokenization provider system 102 . Similarly, the merchant environment 1304 and the third-party merchant environment 1306 may each include some or all of the embodiments described above with relation to the merchant environment 104 and the third-party merchant environment 106 .
- the one or more merchant environments 1380 may include any number or type of systems and configurations. In some cases, some or all of the merchant environments 1380 may include at least some systems and configurations associated with the merchant environment 104 , the merchant environment 1304 , the third-party merchant environment 106 , and/or the third-party merchant environment 1306 . Further, at least some of the merchant environments 1380 may use tokenization, or include a token access system or other system associated with accessing and/or sharing tokens.
- a merchant 142 associated with the merchant environment 1304 may obtain a token for a set of CHD.
- the merchant 142 may obtain this token by, for example, swiping a credit card through the POS 144 or entering CHD into the POS 144 , which is then provided to a tokenization system (e.g., the tokenization provider system 1302 ), which provides the token to the merchant 142 , or to a system associated with the merchant environment 1304 (e.g., the POS 144 or the token repository 152 ).
- a tokenization system e.g., the tokenization provider system 1302
- associating the token with the third-party merchant environment 1306 may occur in response to a request by the merchant 142 .
- the merchant 142 can cause the token to be associated with the third-party merchant environment 1306 before, or without, the third-party merchant 162 requesting access to the token.
- the third-party merchant 162 may require access to the CHD associated with the token.
- the third-party merchant 162 may want access to the CHD before completing a transaction to provide a service or product to a customer of the merchant 142 .
- accessing the CHD may include obtaining the CHD.
- accessing the CHD may include the ability to use the CHD, but may or may not include obtaining the CHD or having the ability to view the CHD.
- the inability to view the CHD prevents a merchant from viewing all the CHD, in many cases at least some of the CHD may be viewable.
- the third-party merchant 162 may not be able to view an account number, the third-party merchant 162 may be able to view the name of the cardholder.
- the third-party merchant 162 may use the computing system 1364 to communicate with a token access system 1322 associated with the merchant environment 1304 .
- the computing system 1364 may include a token access client 1390 .
- the token access client 1390 may be implemented as a separate system from the computing system 1364 .
- the third-party merchant 162 may access the token access client 1390 directly.
- the third-party merchant 162 may access the token access client 1390 via the computing system 1364 .
- the token access client 1390 can generally include any system that is capable of identifying a token source for obtaining access to a token associated with CHD.
- the token source may include the merchant environment 1304 or the tokenization provider system 1302 .
- the token access client 1390 may identify the token source based on the authorization factor provided to the third-party merchant environment 1306 by the merchant environment 1304 using, for example, the token access system 1322 .
- the third-party merchant 162 may configure the token access client 1390 with the identity of the token source.
- the token access system 1322 may identify the merchant environment 1304 as the token source when providing the authorization factor to the third-party merchant 162 or the third-party merchant environment 1306 .
- the third-party merchant 162 may request access to a token from the merchant environment 1304 .
- This request may be provided to the token access system 1322 .
- the token access system 1322 can include any system that can generate tokens and provide access to the tokens to a merchant or employee of a merchant environment including the third-party merchant environment 1306 .
- the token access system 1322 may be located at the merchant environment 1304 in its entirety. However, in some cases, the token access system 1322 may be a distributed system. Further, in some cases, the token access system 1322 may be split between the merchant environment 1304 and the tokenization provider system 1302 .
- the token access system 1322 may include the CHD access system 1324 .
- the token access system 1322 may use the CHD access system 1324 to obtain access to the CHD on behalf of the third-party merchant 1306 .
- the third-party merchant 162 can provide transaction details, such as the price of a product, to the token access system 1322 at the merchant environment 1304 , and the token access system 1322 can complete the transaction for the third-party merchant environment 1306 and provide a confirmation to the third-party merchant 162 .
- the CHD access system 1324 can include some or all of the features described above with respect to the CHD access system 124 .
- the token access system 1322 may generate a set of random words, or some other authorization factor, and associate the set of random words with the token and the third-party merchant environment 1306 , or an employee thereof (e.g., the third-party merchant 162 ). The token access system 1322 can then provide the set of random words to the third-party merchant environment 1306 or the third-party merchant 162 .
- FIG. 14 illustrates a flow diagram for an example embodiment of a process 1400 for accessing a token.
- the process 1400 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162 , with access to a token created in response to a first merchant, such as the merchant 142 , providing CHD to a tokenization system.
- the process 1400 in whole or in part, can be implemented by one or more of the token access system 1322 , the computing system 146 , and the tokenization provider system 1302 .
- the process 1400 will be described as being generally implemented by the token access system 1322 .
- the block 1402 includes authenticating the user. Authenticating the user may also include determining whether the user or the third-party merchant environment 1306 is authorized to provide the set of words or to access the tokens of the merchant environment 1304 associated with the token access system 1322 . Some embodiments for authenticating the user and for determining the user's authorization are described above with respect to the blocks 502 and 504 .
- the token access system 1322 determines whether the set of words match a set of random words associated with a token. If the set of words do not match the set of random words, the token access system 1322 rejects the user, or the user's request to access the token, at the block 1406 .
- the decision block 1404 can include some or all of the embodiments described above with respect to the decision block 510 . Further, in some embodiments, the block 1406 can include some or all of the embodiments described above with respect to the block 506 .
- the token access system 1322 can provide the user with the token associated with the set of random words at block 1408 .
- the block 1408 may further include determining whether the token is associated with the user prior to providing the user with the token.
- the block 1408 may include providing the user with access to the token with or without providing the user with the token.
- the token access system 1322 may inform the user that the user has obtained access to the token and that in response to the user providing transaction details, the token access system 1322 can complete the transaction for the user using the token.
- the third-party merchant 162 can complete a transaction using a token and CHD associated with the token without ever viewing or accessing the token or CHD.
- the token access system can disassociate the set of random words from the token and the user.
- the block 1410 can include disassociating the token with the user (e.g., the third-party merchant 162 ).
- the token access system can disassociate the set of random words from the token and the user.
- the block 1410 can include disassociating the token with the user (e.g., the third-party merchant 162 ).
- the token access system can disassociate the set of random words from the token and the user.
- the block 1410 can include disassociating the token with the user (e.g., the third-party merchant 162 ).
- some or all of the embodiments described above with respect to the block 518 may apply to the block 1410 .
- FIG. 15 illustrates a flow diagram for a third example embodiment of a process 1500 for accessing cardholder data.
- the process 1500 can be implemented by any system that can provide a second merchant (e.g., the third-party merchant 162 ) with access to CHD associated with a token, which was created in response to a first merchant (e.g., the merchant 142 ) providing the CHD to the system or a related system.
- the process 1500 in whole or in part, can be implemented by one or more of the CHD access system 1324 , the token access client 1390 , the computing system 1364 , the token access system 124 , and the token access system 1322 .
- the process 1500 will be described as being generally implemented by the computing system 1364 .
- the process begins at block 1502 where, for example, the computing system 1364 at the third-party merchant environment 1306 using, for example, the token access client 1390 provides a set of words to a token access system 1322 hosted by the merchant environment 1304 .
- the block 1502 may be part of an authentication process for accessing the token access system 1322 . Examples of authentication elements and processes that may be used herein are described in “The OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-25,” dated Mar. 8, 2012, located at http://tools.ietf.org/html/draft-ietf-oauth-v2-25 (last accessed Mar. 23, 2012) and is hereby incorporated by reference herein in its entirety.
- the block 1502 may include an authentication process for authenticating the third-party merchant 162 . The set of words may then be used to identify the specific token to be accessed.
- the block 1502 may include a process for determining the token access system and/or merchant environment to access or to provide the set of words. In some cases, determining the merchant environment to access is based on the set of words. In other cases, the merchant environment is selected by the third-party merchant 162 . Alternatively, the merchant environment is preselected by, for example, an administrator. In some cases, the process 1500 may be performed in response to a system hosted by the merchant environment 1304 , such as the token access system 1322 , communicating with a system hosted by the third-party merchant environment 1306 , such as the computing system 1364 . In some cases, the merchant environment may be selected via merchant specific identifiers, such as a merchant account number.
- the merchant account number may be specified by a user associated with the third-party merchant environment 1306 (e.g., the third-party merchant 162 ). Alternatively, the merchant account number may be associated with the set of words or provided by the merchant who provided the set of words to the third-party merchant environment 1306 .
- the computing system 1364 receives a token associated with a set of cardholder data from the token access system 1322 .
- receiving the token may include receiving a copy of the token.
- receiving the token may include receiving access to the token and/or permission to use the token, but in some embodiments does not include receiving a copy of the token.
- the third-party merchant 162 can use the token without the token being transmitted from the merchant environment 1304 , or a system associated with the merchant environment 1304 , to the third-party merchant environment 1306 .
- the computing system 1364 using, for example, the CHD access system 1324 may provide the token to a tokenization provider system 1302 to obtain access to the CHD associated with the token.
- the computing system 1364 may receive access to the CHD from the tokenization provider system 1302 .
- receiving access to the CHD may include receiving a copy of the CHD.
- the copy of the CHD may include an encrypted copy of the CHD, which may be decrypted by, for example, the CHD access system 1324 .
- receiving access to the CHD may include obtaining permission to use the CHD at the tokenization provider system 1302 .
- the third-party merchant 162 using, for example, the computing system 1364 or POS 166 may provide transaction details to the tokenization provider system 1302 .
- the tokenization provider system 1302 may then complete the transaction on behalf of the third-party merchant 162 .
- the third-party merchant 162 can complete a transaction using the CHD without obtaining a copy of the CHD.
- the third-party merchant 162 may provide the transaction details to, for example, the token access system 1322 hosted by the merchant environment 1304 .
- the token access system 1322 may then provide the transaction details and the token to the tokenization provider system 1302 , which may complete the transaction on behalf of the third-party merchant 162 .
- the third-party merchant 162 can complete a transaction using the CHD without ever obtaining a copy of the CHD or the token associated with the CHD.
- FIG. 16 illustrates an example embodiment of a token access system 1622 .
- the token access system 1622 can include any type of system that can be used by a tokenization provider system (e.g., the tokenization provider system 102 ) or a merchant environment (e.g., the merchant environment 1304 ) to provide a user or merchant with access to a token and/or CHD associated with a token.
- the token access system 1622 can include some or all of the embodiments described above with respect to the token access system 122 and/or the token access system 1322 .
- the token access system 1622 can include an authorization factor generator 128 , a CHD access system 124 , and an interactive voice response (IVR) system 1630 .
- the authorization factor generator 128 and the CHD access system 124 of token access system 1622 can include some or all of the embodiments previously described with respect to the authorization factor generator 128 and the CHD access system 124 .
- the IVR system 1630 can include any system that enables a user to interact with the token access system 1622 using voice input.
- the voice input can include voice commands as well as any information or data that can be provided by voice.
- the IVR system 1630 can prompt a user to provide commands and/or data via an audio prompt.
- the IVR system 1630 can be configured to interact with a user via other methods and mechanisms.
- the IVR system 1630 can be an interactive voice and video response (IWR) system capable of interacting with a user via both voice and video.
- IVR system 1630 can interact with the user via static images and/or an interactive user interface, which may include audio, video, or images.
- a user can use one or more of a telephone, dumbphone, a feature phone, a smartphone, and a computing device (e.g., a laptop, desktop, tablet, etc.) to interact with the IVR system 1630 .
- a user can use a system or service that utilizes Voice over Internet Protocol (VoIP) to interact with the IVR system 1630 .
- VoIP Voice over Internet Protocol
- a computer or computing system can interact with the IVR system 1630 .
- configuring a computer system to interact with the IVR system 1630 enables interacting with the IVR system 1630 using an automated system and/or process.
- FIG. 17 illustrates a flow diagram for an example embodiment of an interactive voice response (IVR) based token sharing process 1700 .
- the process 1700 can be implemented by any system that can interact with a system or user via voice input and audio output to enable a user to share a token with another user or entity.
- the process 1700 in whole or in part, can be implemented by one or more of the token access system 1622 , the IVR system 1630 , the token access system 122 , and the token access system 1322 .
- any number of systems, in whole or in part, can implement the process 1700 , to simplify discussion, portions of the process 1700 will be described with respect to particular systems.
- the process begins at block 1702 where, for example, the token access system 1622 authenticates a user via the IVR system 1630 .
- Authenticating the user can include requesting the user provide information associated with the user to the IVR system 1630 .
- This information can include a unique identifier (e.g., a social security number, a unique account number, etc.), a pin number, an answer to a security question, a name, or any other information that can be used to help identify the user or verify the user's specified identity.
- the process 1700 may end, provide the user an opportunity to re-authenticate, and/or alert an administrator.
- the user is a human. However, in some cases, the user may be an automated system or a computing system.
- the IVR system 1630 prompts the user to provide a token.
- the IVR system 1630 receives the token from the user at block 1706 .
- This token can include any string of alphanumeric characters and symbols that may be supplied via a phone and/or keyboard and can be associated with CHD.
- the token access system 1622 determines whether the user is associated with the token. In some embodiments, determining whether the user is associated with the token can include determining whether the user is identified as an owner of the token. Further, in some cases, determining whether the user is associated with the token can include determining whether the user is authorized to share the token with other users.
- the IVR system 1630 provides the user with the authorization factor at block 1710 .
- Providing the authorization factor to the user enables the user to share token access with a another user, or third-party user, to whom the user provides the authorization factor.
- the third-party user may be prevented from accessing the token regardless of whether the third-party user has the authorization factor. For example, if the third-party user is not registered with the token access system 1622 , having access to the authorization factor may not be sufficient to use the token or access CHD associated with the token.
- the block 1710 can include the user identifying or registering the third-party user to whom the user intends to share the authorization factor thereby enabling the token access system 1622 to verify that a user providing the authorization factor to the token access system 1622 is authorized to access the token.
- registering the intended recipient or third-party user with the token access system 1622 creates a multi-factor authorization system as the third-party user should be registered with the token access system 1622 and should have access to the authorization factor before accessing a token.
- the authorization factor provided at the block 1710 can include any type of authorization factor that may be provided by an IVR system 1630 .
- the authorization factor can include a set of words, characters, numbers, or sounds.
- the authorization factor provided by the IVR system can include some or all of the embodiments previously described with respect to authorization factors.
- the authorization factor may be associated with a theme, such as colors, animals, or places.
- an authorization factor may be easier to remember than a token.
- a user may use the process 1700 to obtain an authorization factor for his or her own use to facilitate accessing a token.
- the authorization factor may be used as the token.
- the token access system 1622 rejects the user at block 1712 .
- Rejecting the user can include the IVR system 1630 informing the user that the user is not authorized to access the token.
- the block 1712 can include some or all of the embodiments described above with respect to the blocks 506 and 1406 .
- FIG. 18 illustrates a flow diagram for an example embodiment of a token generation process 1800 .
- the process 1800 can be implemented by any system that can generate a token to be associated with CHD received via an IVR system.
- the process 1800 in whole or in part, can be implemented by one or more of the token access system 1622 , the IVR system 1630 , the token access system 122 , and the token access system 1322 .
- any number of systems, in whole or in part, can implement the process 1800 , to simplify discussion, portions of the process 1800 will be described with respect to particular systems.
- the process begins at block 1802 where, for example, the token access system 1622 authenticates a user via the IVR system 1630 .
- Authenticating the user can include requesting the user provide information associated with the user to the IVR system 1630 .
- This information can include a unique identifier (e.g., a social security number, a unique account number, etc.), a pin number, an answer to a security question, a name, or any other information that can be used to help identify the user or verify the user's specified identity.
- the process 1800 may end, provide the user an opportunity to re-authenticate, and/or alert an administrator.
- the user is a human. However, in some cases, the user may be an automated system or a computing system.
- the block 1802 is optional.
- the IVR system 1630 prompts the user to provide one or more pieces of CHD.
- This CHD can generally include any type of CHD, such as a card number, an expiration date, a card security or verification code (e.g., a CVC code, a CVV2 code, a CVC2 code, etc.), a cardholder name, etc.
- the requested CHD may depend on the type of card and/or the entity associated with the token access system 1622 or using the token access system 1622 .
- the IVR system 1630 receives the CHD from the user at block 1806 . Subsequent to receiving the CHD, the token access system 1622 verifies the CHD at block 1808 .
- Verifying the CHD can include any process that may be used to verify at least a subset of the CHD.
- verifying the CHD can include performing one or more algorithmic checks on the CHD, (e.g., a Luhn test), contacting a provider of the card associated with the CHD, and performing a micro-transaction or a small transaction using the CHD.
- the block 1808 may be optional.
- the token access system 1622 generates a token.
- the block 1810 can include some or all of the embodiments described above with respect to the block 204 .
- the token can include any type of token as has previously been described.
- the token is unique.
- a token may be a duplicate token or a reused token.
- a token associated with expired CHD may be re-associated with CHD that is not expired.
- the token generally includes a random or pseudo-random value that is unrelated to the CHD, in some cases, the token may be based, at least in part, on the CHD.
- the first portion of the token may include a portion of CHD (e.g., the first 4-digits of a card number) or may be generated based on the portion of the CHD.
- the token access system 1622 associates the token with the CHD in a repository at block 1812 .
- This repository can include any repository or data store designed to store a relationship between a token and CHD.
- the repository can include the token/CHD relationship repository 132 .
- the block 1812 can include storing the CHD and the token in the repository.
- the block 1812 can include one or more of the embodiments described above with respect to the block 206 .
- the authorization factor generator 128 generates an authorization factor associated with the token.
- the authorization factor can include any type of authorization factor as previously described with respect to FIG. 1 .
- the authorization factor can include a set of random or pseudorandom words as described with respect to the block 416 .
- the authorization factor may be the following set of four words: green, dog, circle, grape.
- the authorization factor is unrelated to the token.
- the authorization factor may be generated based, at least in part, on the token.
- the authorization factor generator 128 may use portions of the token as an index for selecting words or values in a dictionary of available options. This dictionary may be predefined or it may itself be generated as, for example, part of the block 1814 .
- the authorization factor can serve as an “anglicized” token or a simplified token that is easier to remember than the token generated at the block 1810 , which may include, for example, a string of random letters, numbers, and/or symbols.
- the block 1814 can include some or all of the embodiments described with respect to the block 416 .
- the token access system 1622 associates the authorization factor with the token in a repository at block 1816 .
- This repository may be the same repository, described with respect to the block 1812 , that stores the association between the token and the CHD.
- the authorization factor and token relationship may be stored at another repository, such as the token access repository 134 .
- the block 1816 can include some or all of the embodiments described with respect to the block 418 .
- the block 1816 can include associating the authorization factor with the user.
- the block 1816 may include one or more of the embodiments previously described with respect to the block 420 .
- the block 1816 can include associating the authorization factor with one or more additional users specified by the user.
- the IVR system 1630 provides the authorization factor to the user.
- the authorization factor may be presented to the user via audio, images, video, or any combination thereof. Further, in some cases, the authorization factor may be provided to one or more additional users whom the user has specified as being authorized to access the token.
- the block 1818 can include one or more of the embodiments described above with respect to the block 422 .
- the token access system 1622 may provide the authorization factor to the user via any other communication mechanism for providing information to a user.
- the token access system 1622 can provide the authorization factor to the user via a text message, an email, a voicemail message, or an instant message, to name a few.
- FIG. 19 illustrates an example embodiment of a token-sharing environment 1900 .
- the token-sharing environment 1900 illustrates an example embodiment of multiple tokenization provider systems (e.g., the tokenization provider systems 1902 , 1904 , and 1906 ) sharing access to a single token access system 1922 , which enables merchants to share access to tokens created by the tokenization provider systems.
- a single token access system is illustrated, it is possible, in some cases, for the tokenization provider systems to have access to multiple token access systems.
- the token access system 1922 is illustrated as a separate system from the tokenization provider systems, it is possible for at least some of the token access system 1922 to be part of the tokenization provider systems.
- the token access system 1922 is operated by a different entity than each of the tokenization provider systems.
- the token access system 1922 may be part of one of the tokenization provider systems or operated by an entity that operates one of the tokenization provider systems. The remaining tokenization provider systems may then rent or purchase the use of the token access system from the tokenization provider system, or the entity that operates the tokenization provider system.
- the token access system 1922 may be part of the tokenization provider system 1902 , and the operators of tokenization provider systems 1904 and 1906 may contract to use the token access system from the operator of the tokenization provider system 1902 .
- the entities that operate the tokenization provider systems 1904 and 1906 may provide the service of enabling their tokens to be shared without managing their own token access system by using the token access system associated with the tokenization provider system 1902 .
- the tokenization provider systems can communicate with the token access system 1922 via the network 170 . Further, the merchants 1910 and 1912 can communicate with the token access system 1922 and the tokenization provider systems via the network 170 . In some cases, at least one of the merchants can be a third-party merchant environment (e.g., the third party merchant environment 106 ) as previously described. In some cases, the merchant 1910 may serve as a third-party merchant to the merchant 1912 and vice versa.
- the token access system 1922 can create authorization factor pools (e.g., four word pools, image pools, sound pools) that are uniquely associated with one of the tokenization provider systems.
- each tokenization provider system can be associated with a unique pool of authorization factors.
- the tokenization provider system 1902 may be associated with a word pool that includes words starting with letters ‘A’-‘H’
- the tokenization provider system 1904 may be associated with a word pool that includes words starting with letters ‘I’-‘N’
- the tokenization provider system 1906 may be associated with a word pool that includes words starting with letters ‘O’-‘Z’.
- the token access system 1922 can include multiple authorization factor pool repositories that can be associated with the tokenization provider systems.
- Each of the tokenization factor pool repositories can include the authorization factors that can be used or randomly selected for enabling a merchant, or third-party merchant, to obtain access to a token from a particular tokenization provider system.
- the tokenization provider system 1902 may be associated with the authorization factor pool 1932
- the tokenization provider system 1904 may be associated with the authorization factor pool 1934
- the tokenization provider system 1906 may be associated with the authorization factor pool 1936 .
- each of the authorization factor pools may be stored in the same repository.
- each of the authorization factor pools may be stored in separate repositories, which may or may not be stored at the same location.
- each authorization factor pool may include different authorization factor types and/or algorithms.
- the authorization factor pool 1932 may include an algorithm for selecting random words
- the authorization factor pool 1934 may include an algorithm for selecting random digits
- the authorization factor pool 1934 may include an algorithm for selecting a combination of images and pass-phrases.
- tokens may be further protected because the authorization factors would be specific to the tokenization provider system associated with the authorization factor pool.
- an authorization factor generated based on one authorization factor pool would not be meaningful or understood by tokenization provider systems not associated with the authorization factor pool.
- the token access system 1922 can determine which tokenization provider system generated the token.
- the authorization factor generator 1928 can then generate an authorization factor, such as a set of words, using the authorization factor pool associated with the tokenization provider system that generated the token. For example, if the token access system determines that the token identified by the merchant 1910 was generated by the tokenization provider system 1904 , the authorization factor generator 1928 can generate an authorization factor using authorization factor pool 1934 .
- the authorization factor is associated with the token or a reference to the token at the token access repository 1940 .
- the authorization factor may be associated with the token or the reference to the token at the authorization factor pool corresponding to the tokenization provider system that generated the token.
- a third-party merchant provides the authorization factor to the token access system 1922 to obtain access to the corresponding token associated with the authorization factor.
- the token access system 1922 can determine the tokenization provider system communicate with to obtain access the token corresponding to the authorization factor based on the authorization factor. For example, if the authorization factor is a set of words, and each of the words starts with a letter from ‘A’-‘H,’ the token access system 1922 can determine that it should access the tokenization provider system 1902 .
- the merchant attempting to obtain access to the token can specify the tokenization provider system when providing the authorization factor.
- the token access system 1922 can then determine if the selected tokenization provider system is the tokenization provider system associated with the authorization factor.
- the token access system 1922 can proceed with a process (e.g., the process 500 ) for granting the merchant with access to the token, or associated CHD. If the token access system determines that the user or third-party merchant identified the wrong tokenization provider system, the token access system 1922 can prevent access to the requested token or CHD.
- a process e.g., the process 500
- the token access system 1922 can provide the third-party merchant with access to the corresponding CHD using the CHD access system 1924 , which can include some or all of the embodiments previously described with respect to the CHD access system 124 and/or 1324 .
- the tokenization provider system that generated the token provides access to the CHD associated with the token.
- providing access to a token and/or CHD can, in some cases, include providing a user or merchant with a copy of the token and/or CHD.
- providing access to a token and/or CHD can involve enabling a user or merchant to use the token and/or CHD without enabling the user or merchant to view the token and/or CHD.
- FIG. 20 illustrates a flow diagram for a third example embodiment of a token provisioning process 2000 .
- the process 2000 can be implemented by any system that can associate a token corresponding to CHD of a cardholder with a merchant other than the merchant that caused the token to be created.
- the process 2000 in whole or in part, can be implemented by one or more of a tokenization provider system (e.g., the tokenization provider system 1922 ), a token access system 1922 , an authorization factor generator 1928 , the token access system 122 , the CHD access system 124 , the gateway 126 , etc.
- a tokenization provider system e.g., the tokenization provider system 1922
- the process 2000 in whole or in part, can be implemented by one or more of a tokenization provider system (e.g., the tokenization provider system 1922 ), a token access system 1922 , an authorization factor generator 1928 , the token access system 122 , the CHD access system 124 , the gateway 126 , etc.
- the process 2000 begins at block 2002 , where, for example, the token access system 1922 receives the identity of a token from a merchant (e.g., the merchant 1910 ).
- the block 2002 can include some or all of the embodiments as previously described for receiving the identity of a token, such as the embodiments described with respect to the block 408 .
- the process 2000 may include identifying the merchant, or user, and determining whether the merchant is authorized to grant token access, as described previously with respect to, for example, the process 400 .
- the token access system 1922 identifies a tokenization provider system (e.g., the tokenization provider system 1922 ) that generated the token identified at the block 2002 .
- the token access system 1922 may identify the tokenization provider system based on the identified token, data received from the merchant, information stored in one or more repositories (e.g., the token access repository 1940 ), by querying one or more tokenization provider systems or by any other method for identify a tokenization provider system that generated a token.
- the authorization factor generator 1928 generates an authorization factor based on the authorization factor pool associated with the tokenization provider system identified at the block 2004 . For example, assuming the tokenization provider system 1922 is associated with the authorization factor pool 1932 , and that the token identified at the block 2002 was generated by the tokenization provider system 1922 , the authorization factor generator 1928 may generate the authorization factor based on an algorithm or pool of eligible authorization factors stored at the authorization factor pool 1932 . Generating the authorization factor can include selecting an authorization factor, either randomly, pseudo-randomly, or programmatically based on an algorithm. These authorization factors can include any type of authorization factor as previously described with respect to, for example, FIG. 1 and/or the block 416 . For example, the authorization factor can be a set of one or more random words, or a set of images.
- the token access system 1922 associates the authorization factor with the token.
- the association between the authorization factor and the token may be stored at the token access repository 1940 .
- the association may be stored at the authorization factor pool associated with the tokenization provider system that generated the token.
- the association may be stored at the tokenization provider system that generated the token.
- the token access system 1922 may provide the authorization factor to the tokenization provider system, and the tokenization provider system may associate the authorization factor with the token.
- the block 2008 may include some or all of the embodiments previously described with respect to, for example, the block 418 .
- the token access system 1922 receives the identity of a merchant (e.g., the merchant 1912 ).
- the merchant identified at the block 2010 differ from the merchant that provided the identity of the token at the block 2002 .
- the block 2010 may include some or all of the embodiments previously described with respect to, for example, the block 410 .
- the process 2000 may, in some embodiments, include determining whether the merchant identified at the block 2010 is authorized to access tokens.
- the token access system 1922 associates the authorization factor with the merchant identified at the block 2010 .
- the tokenization provider system that generated the token may perform the block 2012 in response to receiving the identity of the merchant from the user and/or the token access system 1922 .
- the block 2012 may include some or all of the embodiments previously described with respect to, for example, the block 420 .
- the token access system 1922 provides the authorization factor to the merchant identified at the block 2010 .
- the token access system 1922 provides the authorization factor to the merchant that identified the token at the block 2002 , who can then provide the authorization factor to the merchant identified at the block 2010 .
- the block 2014 may include some or all of the embodiments previously described with respect to, for example, the block 422 .
- FIG. 21 illustrates a flow diagram for a fourth example embodiment of a process 2100 for accessing cardholder data.
- the process 2100 can be implemented by any system that can provide a merchant (e.g., the merchant 1912 ) with access to a token and, in some cases, CHD associated with the token, which was created in response to another merchant (e.g., the merchant 1910 ) providing the CHD to a tokenization provider system (e.g., the tokenization provider system 1902 ).
- the process 2100 in whole or in part, can be implemented by one or more of the token access system 1922 , the tokenization provider system 1902 , token access system 122 , the CHD access system 124 , and the gateway 126 .
- the process 2100 will be described as being generally implemented by specific systems.
- the process 2100 begins at block 2102 where, for example, the token access system 1922 receives an authorization factor from a user (e.g., the merchant 1912 , or a representative thereof).
- the block 2102 may include some or all of the embodiments previously described with respect to, for example, the block 508 .
- the process 2100 may include receiving authentication information from the user and determining whether the user is authorized to access the token access system 1922 or a tokenization provider system associated with the authorization factor and/or corresponding token, as described previously with respect to, for example, the process 500 .
- the token access system 1922 identifies a tokenization provider system associated with the authorization factor. Identifying the tokenization provider system associated with the authorization factor can include accessing an authorization factor pool associated with the authorization factor. Determining the tokenization provider system and/or authorization factor pool corresponding to the authorization factor may be based on the authorization factor, the identity of the user, and/or information received from the user. For example, if the authorization factor is a set of images, the token access system 1922 may determine that the relationship between the authorization factor and the token is stored at the authorization factor pool 1934 and that the tokenization provider system 1904 generated the token.
- the token access system 1922 identifies a token associated with the authorization factor at the tokenization provider system identified at the block 2104 .
- the block 2106 may include some or all of the embodiments previously described with respect to, for example, the block 510 and/or 514 .
- the token access system 1922 provides the user with access to the token associated with the authorization factor.
- the block 2108 may include the CHD access system 1924 providing the user with access to the CHD associated with the token.
- the user is provided with access to the token and/or CHD without enabling the user to view the token and/or CHD.
- the block 2108 can include causing the tokenization provider system that generated the token to provide the user with access to the token and/or corresponding CHD.
- the block 2108 may include some or all of the embodiments previously described with respect to, for example, the block 514 and/or 516 .
- the token access system 1922 disassociates the authorization factor from the token and the user at block 2110 .
- Disassociating the authorization factor from the token and the user can include disassociating the authorization factor from the token and/or user at one or more of the authorization factor pool repository and the tokenization provider system corresponding to the token.
- the block 2110 may include some or all of the embodiments previously described with respect to, for example, the block 518 . In some embodiments, the block 2110 is optional.
- FIG. 22 illustrates a flow diagram for an example embodiment of a token-provisioning process 2200 using a machine-readable code.
- the process 2200 can be implemented by any system that can provide a merchant (e.g., the third-party merchant 162 associated with the third-party merchant environment 106 ) with access to a token and, in some cases, CHD associated with the token, which was created in response to another merchant (e.g., the merchant 142 ) providing the CHD to a tokenization provider system (e.g., the tokenization provider system 102 ).
- a merchant e.g., the third-party merchant 162 associated with the third-party merchant environment 106
- CHD associated with the token
- a tokenization provider system e.g., the tokenization provider system 102
- the process 2200 in whole or in part, can be implemented by one or more of the tokenization provider system 102 , the token access system 122 , the CHD access system 124 , the authorization factor generator 128 , and the gateway 126 , to name a few.
- the process 2200 will be described as being generally implemented by specific systems.
- the process 2200 begins at block 2202 where, for example, the token access system 122 accesses an authentication factor associated with a token.
- Accessing the authentication factor can include generating the authentication factor, such as was previously described with respect to the block 416 .
- the authentication factor can include any type of authentication factor including a set of random or pseudo-random words.
- accessing the authentication factor associated with the token can include performing one or more of the previously described embodiments for associating a token with a merchant or a third-party merchant who did not initiate creation of the token, such as the embodiments described with respect to the process 400 .
- the token access system 122 accesses an identifier associated with a merchant who is associated with the authentication factor.
- This merchant is typically a third-party merchant (e.g., the third-party merchant 162 ) who has been granted access, at least temporarily, to a token created for another merchant (e.g., the merchant 142 ).
- the merchant may be the same merchant for whom the token was created.
- the token access system 122 generates a machine-readable code that includes the authentication factor and the merchant identifier.
- the machine-readable code may include the authentication factor without including the merchant identifier.
- the machine-readable code may include a URL or URI for accessing a network page or webpage associated with the tokenization provider system 102 . This webpage may be configured for receiving the authentication factor, for providing access to the token, and/or for providing access to CHD associated with the token.
- the machine-readable code may include an expiration date (and/or time) or a creation date (and/or time).
- the machine-readable code can include any type of machine-readable code.
- the machine-readable code may include any code that is sufficiently dense so as to be capable of encoding the information described above with respect to the block 2206 within a particular size code.
- the machine-readable code may be a linear code (e.g., U.P.C., MSI, Code 128, etc.) or a stacked linear code (e.g., a stacked barcode).
- the code may be a matrix, or 2D, type code. In certain embodiments, using a matrix type code enables more information to be encoded in the machine-readable code.
- machine-readable code may include a combination of machine-readable codes.
- the token access system 122 provides the machine-readable code to the merchant identified at the block 2204 (e.g., the third-party merchant 162 ).
- Providing the machine-readable code to the merchant includes emailing the machine-readable code to the merchant, presenting the machine-readable code via a webpage, presenting the machine-readable code via an application, such as an application for a mobile device or for a POS system.
- FIG. 23 illustrates a flow diagram for an example embodiment of a process 2300 for accessing CHD using a machine-readable code, such as a code received via the process 2200 .
- the process 2300 can be implemented by any system that can access a machine-readable code and extract an authentication factor stored in the machine-readable code. Further, the process 2300 may be performed by any system that can use the authentication factor stored in the machine-readable code to obtain access to a token associated with the authentication factor.
- the process 2300 in whole or in part, can be implemented by one or more of the POS 166 , the computing system 164 , a computing system 1364 , a token access client 1390 , and the CHD access system 1324 , to name a few.
- the process 2300 will be described as being generally implemented by specific systems.
- the process 2300 begins at block 2302 where, for example, the POS 166 accesses a machine-readable code associated with a token.
- the POS 166 may include a scanner that can scan the machine-readable code.
- the machine-readable code may be displayed on a screen of a computing system, such as the computing system 164 , enabling the machine-readable code to be scanned from the screen.
- the machine-readable code may be scanned from a handheld device (e.g., a smartphone) of a merchant (e.g., the third-party merchant 162 ).
- the POS 166 extracts an authentication factor from the machine-readable code. For instance, the POS 166 may extract a set of words encoded into the machine-readable code. In some cases, the POS 166 , or other system capable of scanning the machine-readable code, may scan the machine-readable code and provide information extracted from the machine-readable code to another computing system (e.g., the computing system 164 ).
- another computing system e.g., the computing system 164
- the POS 166 provides the authentication factor to the tokenization provider system 102 .
- the block 2306 includes determining the tokenization provider system that manages the token associated with the authentication factor and providing the authentication factor to the identified tokenization provider system.
- providing the authentication factor to the tokenization provider system 102 includes extracting a URL or URI from the machine-readable code, opening a webpage associated with the URL or URI, and automatically providing the authentication factor via the webpage.
- the computing system 164 may display the authentication factor to a user (e.g., the third-party merchant 162 ) thereby enabling the user to enter the authentication manually into the webpage.
- the computing system 164 authenticates the merchant user (e.g., the third-party merchant 162 ) to the tokenization provider system 102 .
- Authenticating the merchant user can include accessing a digital certificate from a secure area of the computing system 164 and providing the digital certificate to the tokenization provider system 102 .
- authenticating the merchant user may include presenting the merchant user with a challenge-response authentication page provided by the tokenization provider system 102 for authentication the merchant user.
- the block 2308 may be optional.
- the POS 166 receives from the tokenization provider system 102 access to the CHD associated with the token that is associated with the authentication factor provided at the block 2306 .
- the receiving access to the CHD includes receiving a copy of the CHD to use for a transaction and/or for a limited period of time.
- receiving access to the CHD includes being able to use the CHD at the tokenization provider system 102 by, for example, providing information for performing a transaction to the tokenization provider system 102 , which can then complete the transaction using the CHD on behalf of the merchant user.
- the system includes a token access client associated with a first merchant or a first merchant environment.
- the token access client may be configured to provide a request to obtain access to a token associated with CHD to a token access system associated with a second merchant or a second merchant environment.
- the request can include an authorization factor.
- the token access client may receive access to the token from the token access system.
- the token access system can initiate a transaction using the token, thereby enabling the first merchant to initiate the transaction without receiving a copy of the CHD.
- receiving access to the token includes receiving a copy of the token.
- the token access client may be configured to initiate the transaction by providing transaction information to a tokenization provider system.
- providing the transaction information to the tokenization provider system enables the tokenization provider system to perform the transaction.
- the tokenization provider system generated the token.
- receiving access to the token includes receiving authorization to use the token without receiving a copy of the token.
- the token access client may be configured to initiate the transaction by providing transaction information to the token access system. In some cases, providing the transaction information to the token access system enables the token access system to initiate the transaction.
- the request to obtain access to the token can include the transaction information. Further, the token access client may initiate the transaction by providing the request to the token access system.
- the token access client may be configured to identify or to select a token access system from a plurality of token access systems. In some cases, the token access client may identify or select the token access system based, at least in part, on the authorization factor. Alternatively, or in addition, the token access client may identify or select the token access system based, at least in part, on a user configuration of the token access client. For example, the user may identify the token access system, or a merchant associated with the token access system, at or near a time of the request to obtain token access. As a second example, the user may configure the token access client to identify the token access system based on a set of codes, a type of transaction, or any other information that can be associated with a particular token access system.
- authorization factor and the token are described above as including random or pseudo-random values, one or both of the authorization factor and the token may include non-random values.
- a formula or algorithm may be used to identify one or more words from a dictionary to use as an authorization factor.
- obtaining access to a token in some cases can include obtaining a copy of the token.
- obtaining access to the token may include obtaining authorization to use the token, but may not include obtaining a copy of the token.
- obtaining access to the token may include obtaining permission to use the token whether or not a copy of the token is obtained.
- merchants have been described as employees of merchant environments (e.g., retail establishments or entities), in some cases, merchants may include the merchant environment. Further, in some cases, the merchant may be a single individual, an organization, or a plurality of individuals. Moreover, the merchant may be associated with a brick-and-mortar store, a network-based (e.g., Internet-based) store, or any other provider of goods or services.
- merchant environments e.g., retail establishments or entities
- the merchants may include the merchant environment. Further, in some cases, the merchant may be a single individual, an organization, or a plurality of individuals. Moreover, the merchant may be associated with a brick-and-mortar store, a network-based (e.g., Internet-based) store, or any other provider of goods or services.
- network-based e.g., Internet-based
- the process 500 describes receiving user authentication information associated with the third-party merchant 162 at the block 502 .
- some or all of the previously described processes can be performed by one or more systems interacting with one or more additional systems.
- the user authentication information may be associated with the computing system 164 .
- the user authentication information may be associated with the third-party merchant 162 and may be received from the computing system 164 , either in response to a user command or through an automated process.
- the processing of the various components of the illustrated systems can be distributed across multiple machines, networks, and other computing resources.
- the token access system 122 , the CHD access system 124 , and the authorization factor generator 128 can each be implemented as separate servers or computing systems, or alternatively, as one server or computing system.
- two or more components of a system can be combined into fewer components.
- various components of the illustrated systems can be implemented in one or more virtual machines, rather than in dedicated computer hardware systems.
- the data repositories shown can represent physical and/or logical data storage, including, for example, storage area networks or other distributed storage systems.
- the connections between the components shown represent possible paths of data flow, rather than actual connections between hardware. While some examples of possible connections are shown, any of the subset of the components shown can communicate with any other subset of components in various implementations.
- acts, events, or functions of any of the algorithms described herein can be performed in a different sequence, can be added, merged, or left out all together (e.g., not all described acts or events are necessary for the practice of the algorithms).
- acts or events can be performed concurrently, e.g., through multi-threaded processing, interrupt processing, or multiple processors or processor cores or on other parallel architectures, rather than sequentially.
- certain computer-implemented tasks are described as being performed by a particular entity, other embodiments are possible in which these tasks are performed by a different entity.
- Each of the various illustrated systems may be implemented as a computing system that is programmed or configured to perform the various functions described herein.
- the computing system may include multiple distinct computers or computing devices (e.g., physical servers, workstations, storage arrays, etc.) that communicate and interoperate over a network to perform the described functions.
- Each such computing device typically includes a processor (or multiple processors) that executes program instructions or modules stored in a memory or other non-transitory computer-readable storage medium.
- the various functions disclosed herein may be embodied in such program instructions, although some or all of the disclosed functions may alternatively be implemented in application-specific circuitry (e.g., ASICs or FPGAs) of the computer system.
- computing system includes multiple computing devices
- these devices may, but need not, be co-located.
- the results of the disclosed methods and tasks may be persistently stored by transforming physical storage devices, such as solid state memory chips and/or magnetic disks, into a different state.
- Each service described, such as those shown in FIG. 3 may be implemented by one or more computing devices, such as one or more physical servers programmed with associated server code.
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Finance (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Storage Device Security (AREA)
Abstract
One embodiment of the present disclosure provides a system and associated processes for sharing cardholder data (CHD) between a merchant that utilizes tokenization and a second merchant that may or may not utilize tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. The merchant and/or the tokenization provider system can then invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the merchant associated with the second merchant.
Description
- This application is a continuation of U.S. application Ser. No. 13/941,282, filed on Jul. 12, 2013 and titled “METHOD AND SYSTEM FOR UTILIZING AUTHORIZATION FACTOR POOLS,” which is a divisional application of U.S. application Ser. No. 13/797,246, filed on Mar. 12, 2013 and titled “METHOD AND SYSTEM FOR UTILIZING AUTHORIZATION FACTOR POOLS,” which claims priority to and is a continuation-in-part of U.S. application Ser. No. 13/303,983, filed on Nov. 23, 2011 and titled “METHOD AND SYSTEM FOR ENABLING MERCHANTS TO SHARE TOKENS,” which is a nonprovisional of U.S. Provisional Application No. 61/476,194, filed on Apr. 15, 2011 and titled “METHOD AND SYSTEM FOR SHARING TOKENS,” each of which is hereby incorporated by reference in its entirety herein. Further, U.S. application Ser. No. 13/797,246 claims priority to U.S. Provisional Application No. 61/621,222, filed on Apr. 6, 2012 and titled “METHOD AND SYSTEM FOR ENABLING MERCHANTS TO SHARE TOKENS,” and to U.S. Provisional Application No. 61/714,959, filed on Oct. 17, 2012 and titled “METHOD AND SYSTEM FOR ENABLING MERCHANTS TO SHARE TOKENS,” each of which is hereby incorporated by reference in its entirety herein. In addition, U.S. application Ser. No. 13/797,246 was filed on Mar. 12, 2013, the same day as U.S. application Ser. No. 13/796,969 titled “MERCHANT-BASED TOKEN SHARING,” which is hereby incorporated by reference in its entirety herein.
- Tokenization is a process used in credit, debit, and gift card processing systems to avoid storing cardholder data (CHD) such as credit and debit card numbers, pin numbers, expiration dates, card security codes, and the like at a merchant's location. For example, when a merchant initially accepts a credit card at a point-of-sale (POS) system, the CHD is encrypted and sent to a remote gateway system. The gateway system requests authorization from a credit card processor, which obtains authorization from a bank that issued the card. The gateway system receives the authorization from the credit card processor and provides a token to the merchant for storage along with the authorization.
- The token can be a globally unique, randomized, alphanumeric replacement for the CHD. The merchant's POS system stores the token instead of storing the CHD. If the merchant needs to reauthorize a customer (for example, to add a tip at a restaurant), the merchant sends the token to the gateway system, which then sends the actual CHD to the processor. With tokenization, thieves cannot steal CHD from merchants because the tokens are stored in place of the actual CHD.
- Embodiments of the present disclosure relate to a system for sharing cardholder data (CHD). In some embodiments, the system includes a tokenization system. The tokenization system may be configured to receive CHD of a cardholder, or customer, from a first merchant. The tokenization system can associate a token with the CHD in physical computer storage to thereby enable the token to be used to represent the CHD or, in some cases, in place of the CHD. Further, the tokenization system may be configured to electronically transmit the token to the first merchant so as to enable the first merchant to perform a first transaction for the cardholder without having to store the CHD. In some implementations, the system may include a token-access granting system that includes computer hardware. The token-access granting system may be configured to receive an indication from the first merchant that one or more of the token and the CHD are to be shared with a second merchant. In response to receiving the indication, the token-access granting system may be configured to authorize the second merchant to access one or more of the token and the CHD, thereby enabling the second merchant to perform a second transaction for the cardholder.
- Additional embodiments of the present disclosure relate to a method for sharing a token associated with cardholder data (CHD) in a tokenization provider system to enable the sharing of cardholder data between users. In certain embodiments, the method may be performed by a token access system implemented in a computing system that includes one or more processors. The method may include generating a first set of words and associating the first set of words with a token. The token may be associated with CHD in a tokenization provider system. The method may further include associating, in computer memory of the token access system, the first set of words with a user. In addition, the method may include providing access to the first set of words to the user. The method may also include receiving user authentication information associated with the user and receiving a second set of words from the user. In some implementations, the method includes determining whether the user is authorized to use the token by at least authenticating the user based, at least in part, on the user authentication information, and determining whether the second set of words matches the first set of words. In response to determining that the user is authorized to use the token, the method may include providing the user with electronic access to the token.
- Some embodiments of the present disclosure relate to a system for sharing cardholder data (CHD). This system may include a token acquisition system configured to provide CHD of a cardholder to a tokenization provider system. Further, the token acquisition system may be configured to receive electronically a token associated with the CHD so as to enable a first merchant associated with the token acquisition system to perform a first transaction for the cardholder without having to store the CHD. In some implementations, the system includes a token sharing system configured to provide to the tokenization provider system an indication that one or more of the token and the CHD are to be shared with a second merchant, thereby enabling the second merchant to perform a second transaction for the cardholder.
- Throughout the drawings, reference numbers are re-used to indicate correspondence between referenced elements. The drawings are provided to illustrate embodiments of the inventive subject matter described herein and not to limit the scope thereof.
-
FIG. 1 illustrates an example embodiment of a token-sharing environment. -
FIG. 2 illustrates a flow diagram for an example embodiment of a token provisioning process. -
FIG. 3 illustrates a flow diagram for an example embodiment of a process for accessing cardholder data. -
FIG. 4 illustrates a flow diagram for a second example embodiment of a token provisioning process. -
FIG. 5 illustrates a flow diagram for a second example embodiment of a process for accessing cardholder data. -
FIG. 6 illustrates a flow diagram for an example flow of information using a tokenization provider system. -
FIG. 7 illustrates an example embodiment of a user login interface. -
FIG. 8 illustrates an example embodiment of a user registration interface. -
FIG. 9 illustrates an example embodiment of a merchant selection interface. -
FIG. 10 illustrates an example embodiment of a populated merchant selection interface. -
FIG. 11 illustrates an example embodiment of a CHD access interface. -
FIG. 12 illustrates an example of a CHD provisioning interface. -
FIG. 13 illustrates an example embodiment of a token-sharing environment. -
FIG. 14 illustrates a flow diagram for an example embodiment of a process for accessing a token. -
FIG. 15 illustrates a flow diagram for a third example embodiment of a process for accessing cardholder data. -
FIG. 16 illustrates an example embodiment of a token access system. -
FIG. 17 illustrates a flow diagram for an example embodiment of an interactive voice response (IVR) based token sharing process. -
FIG. 18 illustrates a flow diagram for an example embodiment of a token generation process. -
FIG. 19 illustrates an example embodiment of a token-sharing environment. -
FIG. 20 illustrates a flow diagram for a third example embodiment of a token provisioning process. -
FIG. 21 illustrates a flow diagram for a fourth example embodiment of a process for accessing cardholder data. -
FIG. 22 illustrates a flow diagram for an example embodiment of a token-provisioning process using a machine-readable code. -
FIG. 23 illustrates a flow diagram for an example embodiment of a process for accessing CHD using a machine-readable code. - The security advantages of tokenization sometimes come at the expense of flexibility. Because a merchant that uses tokenization stores a token instead of cardholder data (CHD), the merchant cannot share the CHD with a second merchant. This inability to share CHD can affect the merchant's ability to fully service his or her customers. For example, many quality hotels will make restaurant reservations, order flowers, reserve theatre tickets, and provide a number of additional services for guests that help differentiate these quality hotels from lesser quality hotels. However, without access to CHD, it becomes more difficult if not impossible to provide guests with these aforementioned services.
- Further, the lack of access to CHD by merchants that use third-party services, which take advantage of tokenization, can affect the ability of some merchants to charge for cancelled reservations. For example, a golf course may work with a vacation reservation company to sell tee-times to vacationers. If a vacationer fails to show up without properly cancelling his or her reservation, the golf course may wish to charge the vacationer a cancellation fee. However, if the vacation reservation company utilizes a tokenization service, the vacation reservation company will be unable to provide the golf course with the CHD.
- Moreover, there are instances where a merchant may desire to reacquire CHD. For example, the merchant may want to process a transaction that includes interacting with a payment or credit card processor that is not supported by the tokenization gateway, which handles transactions on behalf of merchants that opt to use tokenization.
- One embodiment of the present disclosure provides a system and associated processes for sharing CHD between a merchant that uses tokenization and a second merchant that may or may not use tokenization. In one embodiment, the merchant, or an employee of the merchant, can use the system and associated processes to reacquire CHD from a tokenization provider system. In one embodiment, the merchant identifies to the tokenization provider system a desire to share CHD, which is associated with a token, with a second merchant. If the second merchant is not registered with the tokenization provider system, the merchant and/or the tokenization provider system can invite the second merchant to register with the tokenization provider system. Once registered with the tokenization provider system, the second merchant can access any CHD that the initial merchant associates with the second merchant.
- In one embodiment, the second merchant identifies the token associated with the CHD to the tokenization provider system. If the merchant has given the second merchant access to the token, then the tokenization provider system can provide the second merchant with the CHD. In one embodiment, providing the CHD to the second merchant comprises the tokenization provider system performing a transaction using the CHD for the second merchant. Advantageously, in some embodiments, the tokenization provider performing the transaction for the second merchant maintains the security advantages gained from tokenization because the second merchant can use the CHD without the second merchant viewing the CHD and without a copy of the CHD being sent to the second merchant's location. In one embodiment, once the second merchant acquires the CHD, the second merchant can use the tokenization provider system, or the second merchant's tokenization provider system, to obtain a new token associated with the CHD and the second merchant. The second merchant can then take advantage of tokenization and avoid storing the CHD at the second merchant's location.
- In one embodiment, providing the second merchant with access to the token and/or the CHD associated with the token comprises providing the second merchant with an authorization factor. This authorization factor is associated with one or more of the token, the CHD, and the second merchant. In one embodiment, to access the token and/or CHD, the tokenization provider system can request that the second merchant present the authorization factor as part of the user authentication process. Advantageously, in some embodiments, use of the authorization factor prevents automated systems from accessing the token and/or CHD. Further, in some embodiments, use of the authorization factor increases the security of the CHD because, in certain embodiments, the CHD is protected by two levels of obscurity. A user attempting to access the CHD may be required to authenticate with the tokenization provider system and provide the authorization factor. Further, the authorization factor can be associated with the CHD and the user thereby preventing a user who is authorized to access the tokenization provider system, but not the CHD from accessing the CHD.
- Many variations of these example systems and associated processes are described below in more detail with reference to the drawings. Further, in some cases, one or more of the various embodiments and systems can be combined into fewer embodiments or systems or split into multiple embodiments or systems.
-
FIG. 1 illustrates an example embodiment of a token-sharingenvironment 100. The token-sharingenvironment 100 can comprise atokenization provider system 102, amerchant environment 104, and a third-party merchant environment 106. - The
tokenization provider system 102 is associated with a tokenization provider (not shown) and can generally include any system capable of creating a token associated with CHD, storing the token and the CHD, and providing the token to a user (e.g. a merchant 142) of thetokenization provider system 102. Further, thetokenization provider system 102 can generally include any system capable of performing a payment card transaction on behalf of themerchant 142 without themerchant 142 having or maintaining a copy of the CHD. This CHD can include any information associated with a customer of themerchant environment 104 and the customer's payment card that is necessary to process a payment transaction, but which themerchant 142 does not wish to store at themerchant environment 104 due to, for example, security-related expenses or concerns. Further, the payment card can be any type of card that can facilitate completing the payment transaction. For example, the payment card can be a credit card, debit card, or gift card. One example of such a tokenization provider system is the Dollars On The Net® solution from Shift4® Corporation of Las Vegas, Nev. - The
merchant environment 104 can generally include any product or service provider that accepts credit cards, or other types of payment cards, for payment and utilizes thetokenization provider system 102 for payment processing. For example, themerchant environment 104 can be a hotel, an electronics store, a restaurant, an online ecommerce website, or a healthcare provider, to name a few. Further, themerchant environment 104 may be associated with an organization, or merchant organization, that is affiliated with or owns one or more merchant environments. For example, assuming the merchant environment represents a hotel, the organization may be associated with a number of hotel locations and/or hotel chains. - Generally, the merchant organization is a different organization than the tokenization provider. However, in some embodiments, the merchant organization may be the same organization as the tokenization provider that is associated with the
tokenization provider system 102. For example, thetokenization provider system 102 may represent, at least in part, the corporate headquarters for the merchant organization or it may represent a central processing facility for processing payment transactions for one or more locations of themerchant environment 104. Further, themerchant environment 104 may represent a store location owned by the merchant organization, or themerchant environment 104 may represent a franchisee. - In one embodiment, the
merchant environment 104 includes amerchant 142 and anadministrator 148. Themerchant 142 can represent any individual (e.g. an employee) affiliated with themerchant environment 104 who may or may not have administrative access to an account associated with thetokenization provider system 102. Theadmin 148 can represent any individual affiliated with themerchant environment 104 who has administrative access to an account associated with thetokenization provider system 102. For example, theadmin 148 can be a manager or an owner of themerchant environment 104. - The third-
party merchant environment 106 can generally include any product or service provider that accepts credit cards, or other types of payment cards, for payment and may or may not utilize thetokenization provider system 102 for payment processing. For example, the third-party merchant environment 106 can be a flower shop, a hotel, a theatre, another ecommerce website, or a franchisee of themerchant environment 104. In one embodiment, the third-party merchant environment 106 may utilize a tokenization provider system that is not affiliated with thetokenization provider system 102. In one embodiment, the third-party merchant environment 106 includes a third-party merchant 162. The third-party merchant 162 can represent any individual associated with the third-party merchant environment 106. - In one embodiment, the
merchant 142 can obtain CHD from a cardholder, or customer, (not shown) during a first or initial transaction. When themerchant 142 provides the CHD to thePOS 144, thePOS 144 can provide the CHD to atoken access system 122, which is associated with thetokenization provider system 102. In turn, thetoken access system 122 can provide thePOS 144 with a token associated with the CHD. This token can be generated by thetoken access system 122 or a token generation system (not shown) that is associated with thetokenization provider system 102. ThePOS 144 can then delete any CHD and can store the token at thetoken repository 152, which is part of themerchant repository system 150. Further, thePOS 144 can associate the token with a cardholder, or customer, profile associated with the cardholder, or customer, and stored at thecustomer profile repository 154, which is part of themerchant repository system 150. Thetoken access system 122 can store the CHD and the token, as well as the relationship between the token and the CHD, at the token/CHD relationship repository 132, which is part of the tokenizationprovider repository system 130. - The
POS 144 can generally represent any point-of-sale system that can process payment card transactions by communicating with thecredit card processors 172, or by communicating with thetokenization provider system 102, which communicates with thecredit card processors 172 for thePOS 144. Thetokenization provider system 102 may communicate with thecredit card processors 172 using, for example, thegateway 126. In one embodiment, thePOS 144 communicates directly with thetokenization provider system 102 via a private secure connection. Alternatively, thePOS 144 can communicate with thetokenization provider system 102 via thenetwork 170. Thenetwork 170 can include any type of wired or wireless network. For example, thenetwork 170 can be a LAN, WAN, or the Internet, to name a few. Thecredit card processors 172 and thecredit card processor 174 can generally include any payment card processing system or service. - The
token access system 122 can generally include any system that can generate tokens associated with CHD and provide the tokens to amerchant environment 104. Further, thetoken access system 122 can include any system that can regulate access to the tokens, and CHD associated with the tokens. - The
merchant repository system 150 can generally include any repository, database, or information storage system that can store information associated with themerchant environment 104. In one embodiment, themerchant repository system 150 comprises thetoken repository 152 and thecustomer profile repository 154. Thetoken repository 152 can generally include any system capable of storing tokens associated with CHD. In one embodiment, thetoken repository 152 stores token identifiers associated with tokens stored at thetokenization provider system 102. In some cases, thetoken repository 152 stores hashed and/or encrypted versions of the token instead of, or in addition to, the token. Thecustomer profile repository 154 can generally include any information associated with customers of themerchant environment 104 that themerchant environment 104 may store. For example, thecustomer profile repository 154 may include the cardholder's or customer's identity, the customer's preferences (e.g. red flowers or a corner hotel room), and the customer's purchase history, to name a few. In one embodiment, one or more of thetoken repository 152 and thecustomer profile repository 154 may store information linking an entry in thecustomer profile repository 154 with an entry in thetoken repository 152 thereby associating a token with a customer. In one embodiment, thetoken repository 152 and thecustomer profile repository 154 can be combined or divided further. - The tokenization
provider repository system 130 can generally include any repository, database, or information storage system that can store information associated with thetokenization provider system 102. In one embodiment, the tokenizationprovider repository system 130 comprises a token/CHD relationship repository 132, atoken access repository 134, and a CHDaccess log repository 136. The token/CHD relationship repository 132 can generally include any system that can store CHD and tokens, as well as the relationship between the tokens and the CHD. The tokens and CHD may each be stored in a hashed and/or encrypted form. Thetoken access repository 134 can generally include any system that can store information associated with identifying who can access the tokens and CHD maintained by thetokenization provider system 102. This information can include user identification information, user authentication information, and user/token relationship information, to name a few. The CHDaccess log repository 136 can generally include any system that can store information associated with token and CHD access by users of thetokenization provider system 102. These users can include both users who use thetokenization provider system 102 for tokenization services (e.g. the merchant 142) and users who access thetokenization provider system 102 to access shared tokens or CHD (e.g. the third-party merchant 162). In one embodiment, the token/CHD relationship repository 132, thetoken access repository 134, and the CHDaccess log repository 136 can be combined or divided further. - In one embodiment, the
merchant 142 can provide the third-party merchant 162 with access to the CHD. Providing the third-party merchant 162 with access to the CHD comprises themerchant 142 providing the third-party merchant 162 with access to the token associated with the CHD. To provide the third-party merchant 162 with access to the CHD, themerchant 142 can send the token or token identifier and a merchant identifier associated with the third-party merchant 162 to thetoken access system 122. Further, thetoken access system 122 provides the token or a token-identifier to the third-party merchant 162 enabling the third-party merchant 162 to access the CHD associated with the token at thetokenization provider system 102. - In one embodiment, the
merchant 142 provides the token or the token-identifier to the third-party merchant 162 using, for example, thecomputing system 146 thereby enabling the third-party merchant 162 to access CHD associated with the token at thetokenization provider system 102. - In one embodiment, access to the CHD is generally on a limited basis. For example, using the token, the third-
party merchant 162 may only be able to access the CHD once, a small number of times, or for a predefined period (such as 15-minutes). However, access to the CHD is not so limited in other embodiments. - In one embodiment, the
merchant 142 can remove access to the CHD from the third-party merchant 162 by requesting that thetoken access system 122 disassociate the token from the third-party merchant 162. - In some embodiments, the
merchant 142 provides token access to one or more users that have been pre-identified to thetokenization provider system 102 by theadmin 148 using, for example, thecomputing system 146. Similarly, in some embodiments, theadmin 148 can remove access to the CHD from the one or more pre-identified users. In one embodiment, the pre-identified users can be third-parties (e.g. the third-party merchant 162) and/or users associated with the merchant environment 104 (e.g. the merchant 142). - In some embodiments, although the third-
party merchant 162 may or may not be a customer of the tokenization provider, to access the CHD, the third-party merchant 162 registers with thetoken access system 122. Registration with thetoken access system 122 enables the token-access system 122 to associate the token with the third-party merchant 162. Further, the registration enables the tokenization provider to optionally verify the identity of the third-party merchant 162 and to determine if the third-party merchant 162 is trustworthy based on publicly available information or any other information source available to the tokenization provider. - In one embodiment, the third-
party merchant 162 accesses thetoken access system 122 via acomputing system 164 or aPOS 166. The third-party merchant 162 authenticates with thetoken access system 122 and can then request the CHD associated with a token by providing a copy of the token or a token identifier associated with the token to aCHD access system 124. If the third-party merchant 162 has been pre-authorized by theadmin 148 to access the CHD, theCHD access system 124 can provide the third-party merchant 162 with access to the CHD. Once the third-party merchant 162 has gained access to the CHD, the third-party merchant 162 can process a transaction for the customer via thePOS 166 using the CHD. Alternatively, if the third-party merchant 162 is a customer of the tokenization provider, the third-party merchant 162 can use thegateway 126 to process the transaction. In one embodiment, gaining access to the CHD enables the third-party merchant 162 to view the CHD. Alternatively, in some embodiments, gaining access to the CHD enables the third-party merchant 162 to perform a transaction with or without viewing the CHD. - In one embodiment, the
CHD access system 124 causes the CHD to be displayed to the user via one or more of thePOS 166 and thecomputing system 164. - The
CHD access system 124 can generally include any system that can provide access to CHD associated with a token. In one embodiment, theCHD access system 124 authenticates a user and determines whether the user is authorized to access the CHD before providing access to CHD associated with a token. - The
token access system 122, or theCHD access system 124, can log each access of the CHD or token at the CHDaccess log repository 136, which is part of the tokenizationprovider repository system 130. Advantageously, in some embodiments, by logging each access of the CHD or token, it can be determined if a potential unauthorized use of the CHD is attributable to themerchant 142, the third-party merchant 162, or some unrelated party. - The
POS 166 can generally represent any point-of-sale system that can process payment card transactions by communicating with thecredit card processor 174. In one embodiment, thePOS 166 communicates directly with thecredit card processor 174. Alternatively, thePOS 166 communicates with thecredit card processor 174 via thenetwork 170. ThePOS 166 may also communicate with thecredit card processor 174 or thecredit card processors 172 using thetokenization provider system 102. Generally, this communication may occur if the third-party merchant environment 106 is also a customer of thetokenization provider system 102. However, in some instances, thePOS 166 may use thetokenization provider system 102 to communicate with the credit card processors without the third-party merchant environment 106 being a customer of thetokenization provider system 102. For example, in some cases the third-party merchant 106 may be authorized to use thetokenization provider system 102 when initiating transactions that use CHD associated with a token provided by a party that is a customer of thetokenization provider system 102, such as themerchant environment 104. In one embodiment, thePOS 166 and thePOS 144 can be similarly configured. - The
gateway 126 can generally include any system that can process transactions by providing CHD and transaction information to thecredit card processors 172 either directly or via thenetwork 170 on behalf of themerchant environment 104. - The
computing systems merchant environment 104 and the third-party merchant environment 106 is associated with an ecommerce website. In one embodiment, thecomputing systems computing systems tokenization provider system 102. - In one embodiment, providing access to a token and the CHD associated with the token comprises associating an authorization factor with the token. For example, to provide the third-
party merchant 162 with access to the CHD, themerchant 142 can send the token and a merchant identifier associated with the third-party merchant 162 to thetoken access system 122. Thetoken access system 122 can use theauthorization factor generator 128 to generate an authorization factor. The authorization factor can be associated with the token and the merchant identifier at thetoken access repository 134. Thetoken access system 122 can provide the authorization factor along with the token or token-identifier to the third-party merchant 162 enabling the third-party merchant 162 to access the CHD associated with the token at thetokenization provider system 102. In one embodiment, themerchant 142 provides the authorization factor to the third-party merchant 162. - The
authorization factor generator 128 can generally include any system capable of generating or otherwise accessing an authorization factor. The authorization factor can include any factor that can be used to help authenticate the third-party merchant 162 and to prevent automated systems, possibly associated with malicious users, from attempting to obtain CHD access. For example, the authorization factor can comprise a set of one or more random or pseudo-random words, numbers, symbols, images, sounds, or a combination of the same. In some embodiments, the authorization factor can be non-random and may be associated with a defined algorithm. Further, in some embodiments, the authorization factor can be associated with a theme. For example, the authorization factor can be a set of four random color words, car images, or rock music sound bites. In some embodiments, the authorization factor can be a security question. In some cases, the authorization factor can be in one or more languages. Further, in some cases, the words may be sets of random characters that may or may not spell a word as understood by, for example, themerchant 162. - In one embodiment, to access CHD associated with a token, the third-
party merchant 162 authenticates with thetokenization provider system 102. The third-party merchant 162 also provides both a token or token identifier and an authorization factor. If the authorization factor matches an authorization factor associated with the token and the token is associated with the third-party merchant 162, then theCHD access system 124 can provide the third-party merchant 162 with access to the CHD associated with the token. Thus, in some embodiments, the third-party merchant 162 must be registered with thetokenization provider system 102, and have been granted access to the CHD by themerchant 142. - In one embodiment, the
admin 148 identifies the merchants, or users, to thetokenization provider system 102 that themerchant 142 can potentially provide token access. In one embodiment, theadmin 148 identifies to thetokenization provider system 102 the employees of themerchant environment 104 that can share token access with other merchants, or users. - In one embodiment, the authorization factor is presented to the third-
party merchant 162 via a human-detection test, such as a captcha, reverse Turing test, or other challenge-response test. In one embodiment, the authorization factor is presented to the third-party merchant via a RSA hardware authenticator. In one embodiment, after providing the authorization factor, a phone-verification system (not shown) associated with thetokenization provider system 102 can contact the third-party merchant 162 to request verification that the third-party merchant 162 is attempting to access the CHD associated with a token. In some embodiments, use of the phone-verification system can advantageously prevent attempts at automated CHD access by malicious programs. - In one embodiment, one or more of the
token access system 122, theCHD access system 124, and theauthorization factor generator 128 can be located at themerchant environment 104. - As one example, non-limiting, use-case of an embodiment of the present disclosure, assume that the
merchant environment 104 represents an electronics store and the third-party merchant environment 106 represents an extended warranty provider. The extended warranty provider is contracted with themerchant environment 104 to provide extended warranties to customers of themerchant environment 104 who opt to purchase an extended warranty with their electronic purchase. A customer who is attempting to purchase a television may provide CHD to themerchant environment 104. Themerchant environment 104 may then provide the CHD to thetokenization provider system 102. Thetokenization provider system 102 processes the transaction and returns a token associated with the CHD to themerchant environment 104 which stores the token and associates the token with the customer. Now, assume the customer decides to purchase the extended warranty for the television. Themerchant environment 104 can authorize the third-party merchant environment 106 to use the token. The third-party merchant environment 106 can then access thetokenization provider system 102 and request the CHD associated with the token, thereby enabling the third-party merchant 106 to process the extended warranty transaction for the customer. Alternatively, the third-party merchant environment 106 can request that thetokenization provider system 102 process the extended warranty transaction using the CHD associated with the token. -
FIG. 2 illustrates a flow diagram for an example embodiment of atoken provisioning process 200. Theprocess 200 can be implemented by any system that can generate and associate a token with CHD on behalf of amerchant 142 and can provide a second merchant, such as the third-party merchant 162, with access to the token. For example, theprocess 200, in whole or in part, can be implemented by one or more of thetoken access system 122, theCHD access system 124, and thegateway 126. In one embodiment, the second merchant can be a merchant that is associated with themerchant 142, such as an employee of themerchant 142. Although any number of systems, in whole or in part, can implement theprocess 200, to simplify discussion, theprocess 200 will be described as being generally implemented by thetoken access system 122. - The
process 200 begins atblock 202, where, for example, thetoken access system 122 receives CHD from themerchant 142. Atblock 204, thetoken access system 122 generates a token. This token can be any piece of random or pseudo-random globally unique data that can be stored by themerchant 142 in place of the CHD. In one embodiment, the token can include alphanumeric characters, symbols, pictures, sounds, video, etc. For example, the token may include a set of four words that may be English words, words in any other language, or words from multiple languages. A user can provide the token to a system, such as thetoken access system 122, using a user interface configured according to the type of token. For example, if the token includes a set of words, the user interface may include a set of text fields. As a second example, if the token includes sounds, the interface may receive input from a musical keyboard or may map different keys on a computer keyboard to different sounds. Advantageously, in some embodiments, the keys that map to the sounds may differ each time the user attempts to provide the token using the user interface thereby reducing the possibility that a user can learn a set of letters in place of the sound-based token. - In some cases, the token can be based on a theme. Advantageously, in some embodiments, using easily remembered tokens, such as English words associated with a theme (e.g., animals, colors, etc.) facilitates a user remembering the token. As described in more detail below, such as with respect to the
process 300 ofFIG. 3 , accessing the CHD using the token may require authentication of a user as well as determining the user's authorization to use the token. Thus, in some embodiments, using a token that is designed to be relatively easy to remember does not reduce the security benefits of tokenization. In some cases, the token may include multiple types of data, e.g., the token could be any combination of words, images, sounds, or video. For example, the token may include a word, a set of random characters, and five musical notes. Generally, there exists no correlation between the token value or contents and the contents of the CHD thereby making it impossible to determine the CHD from the token itself. However, in some embodiments, one or more pieces of the CHD can be used to facilitate generating the token. In one embodiment, the token differs from an encrypted version of the CHD and thus, cannot be manipulated to obtain the CHD. In one embodiment, the token can be an encrypted form of the CHD or a combination of encrypted CHD and false non-CHD. - In some cases, the token may be formatted in a card-swipe compatible format. Further, in some cases, the token may be formatted to be processed by one or more systems (e.g., Point of Sale systems) as if the token were CHD. Moreover, the token may be configured to replace CHD or a Primary Account Number (PAN) included with the CHD with a surrogate value. Typically, this surrogate value is unique and is generated to not include a valid PAN or CHD.
- In some embodiments, a single token exists at any given time per CHD. However, at different points in time, a different token may be associated with a particular CHD. In some embodiments, the token is, at least in part, algorithmically generated.
- At
block 206, thetoken access system 122 associates the token with the CHD. In some embodiments, the relationship between the token and the CHD is stored at the token/CHD relationship repository 132. In some embodiments, thetoken access system 122 may also associate the token with themerchant 142. This relationship may also optionally be stored at the token/CHD relationship repository 132. In some cases, there may exist a number of tokens and sets of CHD data. For example, there may be one, a hundred, a thousand, ten-thousand, a million, or more tokens and sets of CHD data. Thus, thetoken access system 122, for example, may maintain relationships between a number of tokens and sets of CHD data, including, one, a hundred, a thousand, ten-thousand, etc. Generally, one token is associated with one set of CHD data. However, in some embodiments, a token may be associated with multiple sets of CHD data and/or a set of CHD data may be associated with multiple tokens. For example, multiple merchants may have obtained a set of CHD from a customer, and as a result, if more than one of the merchants uses tokenization, it is possible for multiple tokens to be associated with one set of CHD. - At
block 208, thetoken access system 122 provides the token to themerchant 142. In one embodiment, providing the token to themerchant 142 enables the merchant to perform transactions without the CHD. Themerchant 142 can identify the token and provide transaction details, for example, to thegateway 126 or thetoken access system 122. Thegateway 126 can then process the transaction on behalf of themerchant 142. In some embodiments, themerchant 142 can store the token at thetoken repository 152. Advantageously, in some embodiments, once the CHD has initially been provided to thetoken access system 122, themerchant 142 can perform a transaction using the CHD without directly accessing, viewing, or maintaining a copy of the CHD at themerchant environment 104. - At
block 210, thetoken access system 122 receives a request to associate the token with a second merchant, such as the third-party merchant 162. In some embodiments, the request comprises receiving one or more of an identifier, contact information, and account information associated with the third-party merchant 162. Generally, this information does not include information that the third-party merchant 162 uses to access thetokenization provider system 102. For example, the identifier or account information may include a public identifier that the third-party merchant 162 can share with merchants who wish to grant the third-party merchant 162 with token access, but generally the public identifier is distinct from an identifier the third-party merchant 162 uses to identify itself to thetokenization provider system 162. However, in some embodiments, the public identifier and the login identifier may be the same. Further, in some embodiments, the request comprises receiving the identity of the token. Alternatively, the request comprises receiving a copy of the token. - The
token access system 122 authorizes the second merchant (e.g. the third-party merchant 162) to access the token atblock 212. In some embodiments, authorizing access to the token comprises authorizing access to the CHD. In some embodiments, block 212 can also comprise informing the second merchant that the second merchant, or an account associated with the second merchant, is authorized to access the token and/or CHD. In some embodiments, informing the second merchant of the authorization can comprise emailing, texting, leaving a voice message, or providing an alert via thePOS 166, thecomputing system 164, or an account page associated with the third-party merchant 162 at thetokenization provider system 102. In some embodiments, authorizing the second merchant to access the token comprises providing a copy of the token and/or an identifier associated with the token to the second merchant. In some embodiments, thetoken access system 122 stores the relationship between the second merchant and the token and/or CHD at thetoken access repository 134. -
FIG. 3 illustrates a flow diagram for an example embodiment of aprocess 300 for accessing cardholder data. Theprocess 300 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162, with CHD associated with a token, which was created in response to a first merchant, such as themerchant 142, providing the CHD to the system or a related system. For example, theprocess 300, in whole or in part, can be implemented by one or more of thetoken access system 122, theCHD access system 124, and thegateway 126. In one embodiment, the second merchant can be a merchant that is associated with themerchant 142, such as an employee of themerchant 142. In one embodiment, theprocess 300 can be used by themerchant 142, who initially provided the CHD, or an employee of themerchant 142, to retrieve the CHD. Although any number of systems, in whole or in part, can implement theprocess 300, to simplify discussion, theprocess 300 will be described as being generally implemented by theCHD access system 124. - The
process 300 begins at block 302, where, for example, theCHD access system 124 receives user authentication information associated with, for example, the third-party merchant 162. This user authentication information can generally include any information that can be used to authenticate the third-party merchant 162. For example, the user authentication information can include: a user name, a password, a RSA token code (e.g. a code produced by an RSA SecurID™ hardware authenticator), and the response to a challenge-response test, such as a human-detection test response (e.g. a captcha response) or an answer to a security question. - At
decision block 304, theCHD access system 124 determines, based at least in part on the user authentication information, if the third-party merchant 162 is authorized to access thetokenization provider system 102, or any system associated with thetokenization provider system 102. If the third-party merchant 162 is not authorized to use thetokenization provider system 102, the CHD access system rejects the third-party merchant 162 at block 306. In one embodiment, rejecting the third-party merchant 162 can comprise initiating a registration process that enables the third-party merchant 162 to register with thetokenization provider system 102. In one embodiment, rejecting the third-party merchant 162 can comprise providing an error message to the third-party merchant 162. - If the third-
party merchant 162 is authorized to access thetokenization provider system 102, theCHD access system 124 receives a token from the third-party merchant 162 atblock 308. Alternatively, atblock 308, theCHD access system 124 accesses the token pre-associated with the third-party merchant 162 by themerchant 142 from thetoken access repository 134. In one embodiment, receiving the token comprises receiving a token identifier associated with the token. In one embodiment, receiving the token includes receiving a request to access CHD associated with the token. - At
decision block 310, theCHD access system 124 determines if the third-party merchant 162 is authorized to use the token. In one embodiment, to determine if the third-party merchant 162 is authorized to use the token, theCHD access system 124 determines if the third-party merchant 162 is associated with the token at thetoken access repository 134. - If the third-
party merchant 162 is not authorized to use the token, theCHD access system 124 rejects the third-party merchant's 162 request to access the CHD associated with the token atblock 312. In one embodiment, rejecting the third-party merchant's 162 request can include logging the third-party merchant's 162 request at the CHDaccess log repository 136. Further, in one embodiment, rejecting the third-party merchant's 162 request can include informing themerchant 142 of the third-party merchant's 162 attempt to use the token and/or access the CHD associated with the token. In one embodiment, in response to the third-party merchant's 162 failed attempt to access the CHD, thetokenization provider system 102 can replace the token at thetokenization provider system 102 and themerchant environment 104 with a new token. - If the third-
party merchant 162 is authorized to use the token, theCHD access system 124 provides access to CHD associated with the token atblock 314. In one embodiment, providing access to the CHD comprises providing the CHD to one or more of thePOS 166 and thecomputing system 164. In one embodiment, if given access to the CHD, the third-party merchant 162 can view the CHD. Alternatively, the third-party merchant 162 can initiate a transaction using the CHD at thePOS 166, but without viewing the CHD. In one embodiment, providing access to the CHD comprises thegateway 126 performing a transaction using the CHD on behalf of the third-party merchant 162. In one embodiment, providing the third-party merchant 162 with access to the CHD can include logging the third-party merchant's 162 access of the CHD at the CHDaccess log repository 136. - At
block 316, theCHD access system 124 removes the third-party merchant's 162 authorization to use the token, and consequently, the third-party merchant's 162 authorization to access the CHD at thetokenization provider system 102. In one embodiment, removing the third-party merchant's 162 authorization to use the token can comprise disassociating the token and the third-party merchant 162 at thetoken access repository 134. In one embodiment, the threshold for removing the third-party merchant's 162 authorization to use the token can be based on any predetermined event. For example, authorization can be removed after the third-party merchant 162 uses the token or accesses the CHD a pre-determined number of times, such as once or five-times. As a second example, authorization can be removed after a pre-defined time period, such as 15-minutes from thetime merchant 142 authorizes the third-party merchant 162 to use the token, or 10-minutes from the time that the third-party merchant 162 access the CHD using the token. In one embodiment, block 316 is optional. -
FIG. 4 illustrates a flow diagram for a second example embodiment of atoken provisioning process 400. Theprocess 400 can be implemented by any system that can generate and associate a token with CHD on behalf of amerchant 142 and can provide a second merchant, such as the third-party merchant 162, with access to the token. For example, theprocess 400, in whole or in part, can be implemented by one or more of thetoken access system 122, theCHD access system 124, and thegateway 126. In one embodiment, the second merchant can be a merchant that is associated with themerchant 142, such as an employee of themerchant 142. Although any number of systems, in whole or in part, can implement theprocess 400, to simplify discussion, theprocess 400 will be described as being generally implemented by thetoken access system 122. In some embodiments, theprocess 400 can be used to provide either a third-party merchant (e.g. the third-party merchant 162), or an employee of themerchant 142 or the merchant environment 104 (e.g. the merchant 142) with access to a token or CHD associated with the token. To simplify discussion, theprocess 400 will be described as being used to provide the third-party merchant 162 with access to the token or CHD associated with the token. - The
process 400 begins at block 402, where, for example, thetoken access system 122 receives user authentication information associated with themerchant 142. This user authentication information can comprise any information necessary for thetoken access system 122 to authenticate themerchant 142. For example, the user authentication information can comprise a user name, a password, and a RSA token code, to name a few. - At
decision block 404, thetoken access system 122 determines if themerchant 142 is authorized to grant a second merchant access to a token. In one embodiment, granting the second merchant access to the token can include granting the second merchant the ability to use the token to process a transaction. In one embodiment,decision block 404 comprises determining if themerchant 142 is authorized to access one or more of thetokenization provider system 102, thetoken access system 122 and thegateway 126. In one embodiment, themerchant 142 may have access to thetokenization provider system 102 without having permission to access all of the systems associated with thetokenization provider system 102. For example, themerchant 142 may have access to thegateway 126 enabling themerchant 142 to process transactions for a customer, but may not have access to thetoken access system 122 thereby preventing themerchant 142 from providing token access to a second merchant. In one embodiment, theadmin 148 determines the merchant's 142 level of access to thetokenization provider system 102. Theadmin 148 can configure an account associated with themerchant 142 and thetokenization provider system 102 to restrict the merchant's 142 level of access to one or more of systems, tokens, and CHD associated with thetokenization provider system 102. - If the
merchant 142 is not authorized to grant a second merchant access to a token, thetoken access system 122 rejects themerchant 142 from further accessing thetoken access system 122 atblock 406. If themerchant 142 is authorized to grant token access to a second merchant, thetoken access system 122 receives the identity of a token from themerchant 142 atblock 408. Receiving the identity of the token can comprise receiving a token or receiving a token identifier associated with the token. Further, receiving the identity of the token may include receiving a customer record that is associated with a token. Advantageously, in some embodiments, by providing a customer record (or portion thereof, such as a customer record identifier) that is associated with a token to thetoken access system 122, themerchant 142 can grant token access without knowing the token value, knowing that a token exists, or having any understanding of how tokenization works. - In one embodiment, the
token access system 122 verifies that themerchant 142 provided a token associated with themerchant 142 or themerchant environment 104. If the token is not associated with themerchant 142 or themerchant environment 104, the token access system can reject the token. In one embodiment, thetoken access system 122 can also lock themerchant 142 out of thetokenization provider system 102, log the merchant's 142 actions at the CHDaccess log repository 130, report the access attempt to theadmin 148, or combinations of the same. - At
block 410, thetoken access system 122 receives the identity of the third-party merchant 162, the user whom themerchant 142 wishes to grant token access. In some embodiments, thetoken access system 122 receives the identity of the third-party merchant environment 106 or an organization associated with the third-party merchant environment 106. In one embodiment, receiving the identity of the third-party merchant 162 comprises receiving the identity of a merchant account associated with thetokenization provider system 102 and the third-party merchant 162. As previously described, the identity can include any information that identifies the third-party merchant 162, or third-party merchant environment 106, to thetokenization provider system 102. This can include, for example, a unique identifier selected by thetokenization provider system 102 or the third-party merchant 162. As additional examples, the identifying information may include an e-mail address, a phone number, or any other contact information. Advantageously, in some embodiments, providing contact information as an identifier enables themerchant 142 to identify a third-party merchant 162 that has not yet registered with thetokenization provider system 102 or without knowing the third-party merchant's 162 unique identifier. - The
token access system 122 may also receive a time-based or event-based set of conditions associated with the third-party merchant 162 that limits the third-party merchant's 162 access to the CHD. For example, the conditions may limit the time-period in which the third-party merchant 162 can access the CHD or the number of times the third-party merchant 162 can access the CHD using the token. Further, in embodiments where thetokenization provider system 102 provides CHD access by performing transactions on behalf of the third-party merchant 162, the conditions can include a monetary limit. Advantageously, in some embodiments, setting a monetary limit can prevent a third-party merchant 162 from quoting one price to a customer ormerchant 142 while charging a higher price once access to the CHD is obtained. Theadmin 148 may also pre-define the set of conditions such that each time themerchant 142 provides a third-party merchant with CHD access, the set of conditions are automatically associated with the CHD access. - At
decision block 412, thetoken access system 122 determines if the third-party merchant 162 is authorized to access tokens. This determination can comprise determining if the third-party merchant 162 is registered with thetokenization provider system 102 and/or if the third-party merchant 162 is authorized to access tokens associated with themerchant environment 104. If the third-party merchant 162 is not authorized to access tokens, thetoken access system 122 rejects the merchant selection of the third-party merchant 162 atblock 414. In some embodiments, rejecting the merchant selection can comprise sending a registration request to or initiating a registration process with the third-party merchant 162. In some embodiments, rejecting the merchant selection can comprise requesting that theadmin 148 authorize the third-party merchant 162 to access tokens associated with themerchant environment 104, if so desired. - If the third-
party merchant 162 is authorized to access tokens, thetoken access system 122 generates a set of random words atblock 416 using, for example, theauthorization factor generator 128. Alternatively, thetoken access system 122 can generate any other type of authentication factor using, for example, theauthorization factor generator 128, as described above with respect toFIG. 1 . Atblock 418, the set of random words are associated with the token identified atblock 408. Atblock 420, the set of random words are associated with the third-party merchant 162. In one embodiment, the set of random words are associated with a merchant account associated with the third-party merchant environment 106. An employee associated with the third-party merchant environment 106 that has access to the merchant account can then use the set of random words and obtain access to the token and associated CHD as described with respect toFIG. 5 . - At
block 422, the set of random words are provided to the third-party merchant 162. In one embodiment, the set of random words can be provided by any type of communication. For example, thetoken access system 122 can provide the set or random words by email, text, or voicemail, to name a few. In one embodiment, the set of random words are provided to themerchant 142. Themerchant 142 can then provide the set of random words to the third-party merchant 162. In one embodiment, performingblock 422 can further comprise performingblock 212 as described with respect toFIG. 2 . - In one embodiment, the set of random words are provided in an encrypted format to the third-
party merchant 162. The third-party merchant 162 can then decrypt the encrypted set of random words. In one embodiment, the set of random words can be provided in clear text. However, in some embodiments, because the set of random words are associated with the third-party merchant 162, or the merchant account, at thetokenization provider system 102, malicious users are prevented from using the set of random words to access the token and/or CHD associated with the token. -
FIG. 5 illustrates a flow diagram for a second example embodiment of aprocess 500 for accessing cardholder data. Theprocess 500 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162, with CHD associated with a token, which was created in response to a first merchant, such as themerchant 142, providing the CHD to the system or a related system. For example, theprocess 500, in whole or in part, can be implemented by one or more of thetoken access system 122, theCHD access system 124, and thegateway 126. In one embodiment, the second merchant can be a merchant that is associated with themerchant 142, such as an employee of themerchant 142. In one embodiment, theprocess 500 can be used by themerchant 142, who initially provided the CHD, or an employee of themerchant 142, to retrieve the CHD. Further, theprocess 500 can be used by the third-party merchant 162 to access CHD from any number of merchants who have authorized the third-party merchant 162 to use their tokens. Although any number of systems, in whole or in part, can implement theprocess 500, to simplify discussion, theprocess 500 will be described as being generally implemented by theCHD access system 124. - The
process 500 begins at block 502, where, for example, theCHD access system 124 receives user authentication information associated with the third-party merchant 162. This user authentication information can generally include any information that can be used to authenticate the third-party merchant 162. For example, the user authentication information can include: a user name, a password, a RSA token code, and the response to a challenge-response test, such as a captcha response or an answer to a security question. - At
decision block 504, theCHD access system 124 determines, based at least in part on the user authentication information, if the third-party merchant 162 is authorized to access thetokenization provider system 102, or any system associated with thetokenization provider system 102. In one embodiment,decision block 504 can include determining if the third-party merchant 162 is registered with thetokenization provider system 102. In one embodiment,decision block 504 can include determining if themerchant 142, or theadmin 148, has provided the third-party merchant 162 with access to tokens associated with themerchant 142 or themerchant environment 104. - If the third-
party merchant 162 is not authorized to use thetokenization provider system 102, the CHD access system rejects the third-party merchant 162 at block 506. In one embodiment, rejecting the third-party merchant 162 can comprise initiating a registration process that enables the third-party merchant 162 to register with thetokenization provider system 102. In one embodiment, rejecting the third-party merchant 162 can comprise providing an error message to the third-party merchant 162. - If the third-
party merchant 162 is authorized to access thetokenization provider system 102, theCHD access system 124 receives a set of words from the third-party merchant 162 at block 508. Alternatively, or additionally, theCHD access system 124 receives any authorization factor generated by theauthorization factor generator 128 and provided to the third-party merchant 162 as part of the implementation of theprocess 400. - At
decision block 510, theCHD access system 124 determines if the set of words received from the third-party merchant 162 match a set of random words associated with a token. In one embodiment, the third-party merchant 162 also identifies the token. Alternatively, theCHD access system 124 identifies the token by determining if there exists any token associated with a set of random words that match the received set of words and if so, theCHD access system 124 determines if the third-party merchant 162 is authorized to access that token. - If the set of words received from the third-
party merchant 162 do not match a set of random words associated with a token, theCHD access system 124 rejects the third-party merchant 162 at block 506. Rejecting the third-party merchant 162 can comprise causing an error message to be presented to the third-party merchant 162. Further, in some embodiments, rejecting the third-party merchant 162 can cause an account associated with the third-party merchant 162 to be deactivated or suspended. - If the set of words received from the third-
party merchant 162 matches a set of random words associated with a token, theCHD access system 124, atblock 512, accesses the token associated with the set of random words at, for example, the tokenizationprovider repository system 130. Atblock 514, theCHD access system 124 obtains CHD associated with the token. - At block 516, the
CHD access system 124 provides the third-party merchant 162 with access to the CHD over a secure connection. In one embodiment, the CHD is provided via thenetwork 170. In one embodiment, the CHD is provided to thecomputing system 164 at block 516. Thecomputing system 164 can then provide the CHD directly to thePOS 166 and/or cause the CHD to be presented to the third-party merchant 162. In one embodiment, the CHD is provided to thePOS 166 at block 516. ThePOS 166 can then provide the CHD to thecredit card processor 174 to complete a transaction. - In one embodiment, providing the third-
party merchant 162 with access to the CHD can comprise theCHD access system 124 receiving transaction information associated with a requested transaction. TheCHD access system 124 can then provide the CHD and the transaction information to thegateway 126, which can then process the transaction using thecredit card processors 172. Advantageously, in some embodiments, the third-party merchant 162 is able to use the CHD without the CHD being presented to the third-party merchant 162. In one embodiment, a subset of the CHD is presented to the third-party merchant 162 enabling the third-party merchant 162 to log the transaction and/or to verify that the transaction is associated with the correct CHD or customer. In some embodiments, theCHD access system 124 may verify that the value of the transaction does not exceed a pre-defined transaction-limit associated with the third-party merchant's 162 access of the CHD. If the transaction-limit is exceeded, theCHD access system 124 can reject the transaction. Further, theCHD access system 124 can report the attempted transaction to themerchant 142 or theadmin 148. TheCHD access system 124 can also report successful transactions to themerchant 142 thereby enabling themerchant 142 to verify that the third-party merchant 162 processed the transaction for the merchant's 142 customer. - In one embodiment, the
CHD access system 124 logs each access and/or attempted access of the token and/or CHD at the CHDaccess log repository 136. Advantageously, in some embodiments, if there is a disputed credit card use, the CHDaccess log repository 136 can be accessed to determine what parties may have accessed the token and/or CHD around the time associated with the disputed credit card use. - At
block 518, theCHD access system 124 disassociates the set of random words from the token and the third-party merchant 162. In one embodiment, disassociating the set of random words can include deleting or removing the words from thetokenization provider system 102. In one embodiment, block 518 is performed in response to the third-party merchant 162 accessing the token and/or CHD. In one embodiment, block 518 is performed in response to a pre-defined event. This pre-defined event can include any event associated with the token and/or CHD. For example, the pre-defined event can comprise: the number of times the set of random words have been provided by the third-party merchant 162 to the tokenization provider system 102 (e.g. once, or five times); the length of time since the set of random words were associated with the token (e.g. 15-minutes); or the length of time since the third-party merchant 162 first accessed the token and/or CHD, to name a few. - Further, in some embodiments, the
CHD access system 124 may disassociate the set of random words from the token without the third-party merchant 162 having ever accessed or attempted to access the CHD. For example, if the pre-defined event is a time-limit or time-period, theCHD access system 124 can disassociate the set of random words from the token at the expiration of the time-limit or time-period whether or not the third-party merchant 162 accessed the CHD. In addition, if the owner of the token (e.g. the merchant 142) ceases to trust the third-party merchant 162, the token owner can access thetokenization provider system 102 and remove the third-party merchant's 162 authorization to access the token, and thus the CHD associated with the token. Removing the authorization to access the token may include disassociating the set of random words from the token prior to the pre-defined event occurring. - In one embodiment, the third-
party merchant 162 can communicate with theCHD access system 124 using any secure system. For example, the third-party merchant 162 can provide the user authentication information or the set of random words using a secure portal or webpage associated with thetokenization provider system 102. Alternatively, the third-party merchant 162 can use a virtual private network (VPN) or a secure application obtained from thetokenization provider system 102 to access thetokenization provider system 102 and to provide the user authentication information or the set of random words to theCHD access system 124. - Advantageously, in some embodiments, a merchant can use the
process process process -
FIG. 6 illustrates a flow diagram for anexample flow 600 of information using a tokenization provider system 606. Some or all of the systems described herein can be used to facilitate the flow illustrated inFIG. 6 . For example, the interaction with themerchant 604 can be via a computing system associated with themerchant 604. As a second example, interaction with the third-party merchant may be via a POS. - The
flow 600 begins atevent 1 with thecustomer 602 providing CHD to themerchant 604. This CHD is then provided by themerchant 604 to the tokenization provider system 606 atevent 2. Atevent 3, the tokenization provider system 606 generates a token and associates the token with the CHD. This token is provided to the merchant atevent 4. Generally, but not necessarily, themerchant 604 can store the token in place of the CHD and can destroy or not save any copies of the CHD that themerchant 604 received. In other embodiments, themerchant 604 generates the token or at least a portion of the token instead of (or in addition to) the tokenization provider system 606. - At
event 5, thecustomer 602 provides a product or service request to themerchant 604 for a product or service that may be provided by the third-party merchant 608. For example, the request may be for opera tickets, flowers, or for an appointment at a spa. Atevent 6, themerchant 604 authorizes the third-party merchant 608 to access the token at the tokenization provider system 606 by communicating the authorization to the tokenization provider system 606. The tokenization provider system 606, atevent 7, generates an authorization factor, such as a set of four random words, and associates the third-party merchant with the authorization factor and the token. - At
event 8, the tokenization provider system 606 provides the authorization factor to themerchant 604, such as by email or through a web-portal. Themerchant 604 provides the authorization factor and the customer's 602 product or service request to the third-party merchant 608 atevent 9. Atevent 10, the third-party merchant 608 authenticates with the tokenization provider system 606. The third-party merchant 608 also provides the authorization factor to the tokenization provider system 606 atevent 10. In some embodiments, authenticating and providing the authorization factor may be two separate events. - Assuming that the third-
party merchant 608 is authenticated and that the tokenization provider system 606 determines that the third-party merchant 608 is authorized to access the token, the tokenization provider system 606 provides access to the CHD associated with the token atevent 11. In some embodiments, providing access to the CHD may include providing the CHD to the third-party merchant 608. - The flow of information illustrated in
FIG. 6 is for illustrative purposes and is not intended to be limiting. For example, in some cases, instead of, or in addition to, the tokenization provider system 606 providing the authorization factor to themerchant 604 atevent 8, the tokenization provider system 606 can provide the authorization factor to the third-party merchant 608. -
FIGS. 7-12 illustrate several non-limiting embodiments of interface screens that can be electronically generated by one or more of thetokenization provider system 102, thetoken access system 122, or any other system that can regulate the access of CHD associated with a token. Although the interface screens are illustrated as Graphical User Interfaces (GUIs), the interface screens are not limited as such. For example, the interface screens can include command-line interfaces (CLIs), three-dimensional interfaces, or a combination of interface types. - A user, such as the third-
party merchant 162, can access the interface screens illustrated inFIGS. 7-12 using aPOS 166, acomputing system 164, or the like. In some embodiments, some or all of the interface screens may be included as part of a web-based or Internet-based software application that is accessed via anetwork 170. Alternatively, some or all of the interface screens may be part of a client-side software application stored locally, such as on thecomputing system 164, which can communicate over thenetwork 170 with a server-side application stored on, for example, thetoken access system 122. -
FIG. 7 illustrates an embodiment of auser login interface 700. In some embodiments, theuser login interface 700 enables a user (e.g. the third-party merchant 162) who desires to access CHD associated with another user's token (e.g. themerchant 142 or organization associated with the merchant 142) to access thetoken access system 122. In some embodiments, users who desire to provide token access to another party (e.g. a user or organization) can use theuser login interface 700 to access thetoken access system 122. The third-party merchant 162 can provide a user name and password using thelogin panel 702 to authenticate with thetoken access system 122. Other authentication mechanisms are possible. For example, thelogin panel 702 can present the third-party merchant 162 with an opportunity to present a unique cryptographic identifier or key. This key, in certain embodiments, can then be matched to or decrypted with a corresponding public key to authenticate the third-party merchant 162. - The
user login interface 700 includes aregistration link 704. This registration link 704 can be used to direct an unregistered user to a registration screen, such as theuser registration interface 800 depicted inFIG. 8 . Further, theuser login interface 700 can also include alogin link 706 that can be used to direct a user (e.g. the merchant 142) who is registered with thetokenization provider system 102 to another login interface. This additional login interface can be user by subscribers of thetokenization provider system 102 to manage token access, such as to grant token access to third-party merchant organizations and/or users. -
FIG. 8 illustrates an embodiment of auser registration interface 800. Theuser registration interface 800 enables a user to register with thetoken access system 122 by providing, for example, contact information, a username, and a password. Theuser registration interface 800 can be used, for example, by the third-party merchant 162 ofFIG. 1 , who may not necessarily be a customer of the provider of thetokenization provider system 102. By registering with thetoken access system 122, in some embodiments, the third-party merchant 162 can access CHD associated with tokens that have been associated with the third-party merchant 162 or the third-party merchant environment 106 by the user who is a customer of the organization associated with thetokenization provider system 102. - In some embodiments, a
merchant 142 or an organization associated with themerchant environment 104 that is a customer of the organization associated with thetokenization provider system 102 can use theuser registration interface 800 to register an account with thetoken access system 122. Advantageously, in certain embodiments, this enables merchants to share access to CHD and/or tokens with other merchants whether or not the other merchants are customers of thetokenization provider system 102. -
FIG. 9 illustrates an embodiment of amerchant selection interface 900. Themerchant selection interface 900 enables a user (e.g. the third-party merchant 162) to select or connect to another user or associated organization (e.g. amerchant 142, amerchant environment 104, or an organization associated with the merchant environment 104) that has provided token access to the user or an organization associated with the user (e.g. the user's employer). For example, the third-party merchant 162 can use themerchant selection interface 900 to select the organization associated with themerchant environment 104. In some embodiments, the third-party merchant 162 can select themerchant environment 104. For example, if the merchant organization is a hotel chain, the third-party merchant 162 can select a specific franchise, location, or branch of the hotel chain using themerchant selection interface 900. - In some embodiments, the
merchant selection interface 900 enables the third-party merchant 162 to select any organization (or user) registered with thetokenization provider system 102. Alternatively, themerchant selection interface 900 may be configured to enable the third-party merchant 162 to select organizations (or users) that are currently sharing a token with the third-party merchant 162. In some cases, the third-party merchant 162 may be able to select any organization (or user) that has shared a token with the third-party merchant 162 at some point, whether or not the organization is currently sharing a token with the third-party merchant 162. - The
merchant selection interface 900 can include an existingconnections panel 902. The existingconnections panel 902 can list some or all of the users or organizations with whom the third-party merchant 162 is currently connected. In some embodiments, the existingconnections panel 902 may list organizations that are sharing a token with the third-party merchant 162. Alternatively, the existingconnections panel 902 may list any organization with which the third-party merchant 162 has established a connection. In some embodiments, the third-party merchant 162 can select organizations with which to connect. For some embodiments, organizations that are sharing tokens with the third-party merchant 162 (or an associated organization) are automatically connected to the third-party merchant 162 and may automatically be listed on the existingconnections panel 902. - The existing
connections panel 902 can list connections in any order. For example, the existingconnection panel 902 may list the organizations that are currently sharing a connection before displaying other connections. Alternatively, for example, organizations may be listed in alphabetical order, by frequency of access, or based on when the organization was added to the list. - In some implementations, the
merchant selection interface 900 can include one ormore search fields 904 for locating organizations that may have shared a token with the third-party merchant 162 (or an associated organization). These search fields 904 can include, for example, a name field, a city field, an address field, or a product or service field (e.g. electronics, hospitality, restaurants, etc.), to name a few. In some cases, the search fields 904 may be used to search for an organization that is known to thetokenization provider system 102 or that has registered with thetokenization provider system 102. - The results list 906 can list the organizations identified based on the information supplied to the search fields 904. Although illustrated as a drop-down list, the results list 906 is not limited as such and may include any type of GUI element, or other interface element, for displaying the list of results. For example, the results list 906 may include a dialog box, pop-up dialog box, a combo box, or other GUI element.
-
FIG. 10 illustrates an example embodiment of a populatedmerchant selection interface 1000. The populatedmerchant selection interface 1000 is substantially similar to themerchant selection interface 900. However, the search fields 904 and the results list 906 of the populatedmerchant selection interface 1000 illustrate sample search information and sample results respectively. -
FIG. 11 illustrates an example embodiment of aCHD access interface 1100. TheCHD access interface 1100 enables the third-party merchant 162 (or other user) to access CHD associated with a token that has been shared with the third-party merchant 162 or an associated organization of the third-party merchant 162. To access the CHD, in certain embodiments, the third-party merchant 162 can provide an authorization factor associated with the token that is associated with the CHD. As has previously been described, the authorization factor can be, for example, a set of four words. Further, the third-party merchant 162 can provide the authorization factor via authorization fields 1102.Authorization fields 1102 can include any GUI element for providing the authorization factor including, for example, a GUI element that allows for the uploading of an authentication file, such as a cryptographic key associated with the third-party merchant 162. In the illustrated embodiment, theauthorization fields 1102 include four text fields for entering the authorization factor. - The
CHD access interface 1100 may also include a challenge-response mechanism 1104. This challenge-response mechanism 1104 can include any mechanism for preventing automated systems, such as Internet bots, from accessing CHD using theCHD access interface 1100. For example, the challenge-response mechanism can include a security question, a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) (as illustrated inFIG. 11 ), combinations of the same, or the like. -
FIG. 12 illustrates an example of aCHD provisioning interface 1200. TheCHD provisioning interface 1200 can present CHD viaCHD fields 1204 to a user, such as the third-party merchant 162. Further, theCHD provisioning interface 1200 can include atimer 1202 that identifies how much time is remaining for the third-party merchant 162 to access the CHD before the CHD is cleared from theCHD provisioning interface 1200. - In some embodiments, the
CHD provisioning interface 1200 includes GUI fields for specifying a transaction. Advantageously, in certain embodiments, thetokenization provider system 102 can perform the transaction for the third-party merchant 162. Thus, in some embodiments, theCHD provisioning interface 1200 may not present the CHD to the third-party merchant 162. However, theCHD provisioning interface 1200 may present the status of the transaction, including a confirmation value. -
FIG. 13 illustrates an example embodiment of a token-sharing environment 1300. The token-sharing environment 1300 illustrates an example embodiment of merchant environments managing, at least in part, their own token access systems. Further, the token-sharing environment 1300 illustrates an example of a third-party merchant environment 1306 accessing tokens from other merchant environments (e.g., the merchant environment 1304). Reference numbers fromFIG. 1 are re-used to indicate correspondence between referenced elements inFIG. 1 and inFIG. 13 and, to simplify discussion, descriptions of these corresponding elements are not repeated with respect toFIG. 13 . - Similar to the token-sharing
environment 100, the token-sharing environment 1300 can include atokenization provider system 1302, amerchant environment 1304, and a third-party merchant environment 1306. Further, the token-sharing environment 1300 may include one ormore merchant environments 1380. In addition, although not depicted, the token-sharing environment 1300 may include a number of credit card processors. - Although
FIG. 13 does not illustrate any systems or subsystems associated with thetokenization provider system 1302, in certain embodiments, thetokenization provider system 1302 may include some or all of the systems included by thetokenization provider system 102. Further, thetokenization provider system 1302 may include some or all of the embodiments described above with relation to thetokenization provider system 102. Similarly, themerchant environment 1304 and the third-party merchant environment 1306 may each include some or all of the embodiments described above with relation to themerchant environment 104 and the third-party merchant environment 106. - The one or
more merchant environments 1380 may include any number or type of systems and configurations. In some cases, some or all of themerchant environments 1380 may include at least some systems and configurations associated with themerchant environment 104, themerchant environment 1304, the third-party merchant environment 106, and/or the third-party merchant environment 1306. Further, at least some of themerchant environments 1380 may use tokenization, or include a token access system or other system associated with accessing and/or sharing tokens. - In some embodiments, a
merchant 142 associated with themerchant environment 1304 may obtain a token for a set of CHD. Themerchant 142 may obtain this token by, for example, swiping a credit card through thePOS 144 or entering CHD into thePOS 144, which is then provided to a tokenization system (e.g., the tokenization provider system 1302), which provides the token to themerchant 142, or to a system associated with the merchant environment 1304 (e.g., thePOS 144 or the token repository 152). - The
merchant 142, using for example thetoken access system 1322, may cause the token to be associated with the third-party merchant environment 1306 and/or one or more of themerchant environments 1380. Associating the token with the third-party merchant environment 1306 may occur in response to a request from the third-party merchant 162, or another employee of the third-party merchant 1306, or in response to a request from a customer of themerchant environment 1304 who, for example, may be considering using the services of the third-party merchant environment 1306. Advantageously, in some embodiments, by sharing the token with the third-party environment 1306, the customer or an employee of themerchant environment 1304 can purchase products or services from the third-party merchant environment 1306 without accessing the CHD. In some cases, associating the token with the third-party merchant environment 1306 may occur in response to a request by themerchant 142. Advantageously, in certain embodiments, themerchant 142 can cause the token to be associated with the third-party merchant environment 1306 before, or without, the third-party merchant 162 requesting access to the token. - Associating the token with the third-party merchant environment 1306 can include generating an authorization factor using, for example, the
authorization factor generator 1328. Once the authorization factor is generated, it may be provided to the third-party merchant 162 under the control of themerchant 142, or in response to themerchant 142 associating the token with the third-party merchant environment 1306. In some embodiments, theauthorization factor generator 1328 can include some or all of the features described above with respect to theauthorization factor generation 128. - In some situations, the third-
party merchant 162 may require access to the CHD associated with the token. For example, the third-party merchant 162 may want access to the CHD before completing a transaction to provide a service or product to a customer of themerchant 142. As described previously, in some cases, accessing the CHD may include obtaining the CHD. In some cases, accessing the CHD may include the ability to use the CHD, but may or may not include obtaining the CHD or having the ability to view the CHD. Although in some cases the inability to view the CHD prevents a merchant from viewing all the CHD, in many cases at least some of the CHD may be viewable. For example, although the third-party merchant 162 may not be able to view an account number, the third-party merchant 162 may be able to view the name of the cardholder. - To use or access the CHD, the third-
party merchant 162 may use thecomputing system 1364 to communicate with atoken access system 1322 associated with themerchant environment 1304. In some cases, thecomputing system 1364 may include atoken access client 1390. In other cases, thetoken access client 1390 may be implemented as a separate system from thecomputing system 1364. For some cases where thetoken access client 1390 is a separate system, the third-party merchant 162 may access thetoken access client 1390 directly. In other cases, the third-party merchant 162 may access thetoken access client 1390 via thecomputing system 1364. - The
computing system 1364 can generally include any type of computing system. In some implementations, thecomputing system 1364 may be a general purpose computing system, such as a desktop, laptop, or tablet, which may include the functionality of theCHD access system 1324 and/or thetoken access client 1390 through, for example, a software application or a hardware add-on (e.g., a dongle, an expansion card, or a USB connectable device). In other implementations, thecomputing system 1364 may be a special purpose computing system which may include one or more hardware or software modules configured to provide the functionality of theCHD access system 1324 and/or thetoken access client 1390. In some embodiments, thecomputing system 1364 can include some or all of the features described above with respect to thecomputing systems - The
token access client 1390 can generally include any system that is capable of identifying a token source for obtaining access to a token associated with CHD. For example, the token source may include themerchant environment 1304 or thetokenization provider system 1302. In some cases, thetoken access client 1390 may identify the token source based on the authorization factor provided to the third-party merchant environment 1306 by themerchant environment 1304 using, for example, thetoken access system 1322. In other cases, the third-party merchant 162 may configure thetoken access client 1390 with the identity of the token source. In some cases, thetoken access system 1322 may identify themerchant environment 1304 as the token source when providing the authorization factor to the third-party merchant 162 or the third-party merchant environment 1306. - Using the
token access client 1390, the third-party merchant 162 may request access to a token from themerchant environment 1304. This request may be provided to thetoken access system 1322. Thetoken access system 1322 can include any system that can generate tokens and provide access to the tokens to a merchant or employee of a merchant environment including the third-party merchant environment 1306. As illustrated, thetoken access system 1322 may be located at themerchant environment 1304 in its entirety. However, in some cases, thetoken access system 1322 may be a distributed system. Further, in some cases, thetoken access system 1322 may be split between themerchant environment 1304 and thetokenization provider system 1302. In some implementations, thetoken access system 1322 may represent a thin client, which can provide an Application Programming Interface (API) or any other type of interface for accessing a third-party token access system, which may be hosted by another merchant environment, atokenization provider system 1302, a token hosting service provider (not shown), or any other system that can store and/or regulate access to tokens. In some embodiments, thetoken access system 1322 can include some or all of the features described above with relation to thetoken access system 122. Thetoken access system 1322 can include anauthorization factor generator 1328, which, as described above, can provide an authorization factor associated with a token. In some embodiments, thetoken access client 1390 may determine the merchant environment, or token access system of the merchant environment, to contact based on one or more of an authorization factor, a merchant identifier, or indication of the third-party merchant 162. Thus, thetoken access client 1390 can determine whether to communicate with thetoken access system 1322 or a token access system associated with one of themerchant environments 1380. - As part of the request to access the token from the
merchant environment 1304, or in response to a prompt from thetoken access system 1322, the third-party merchant 162 may provide an authorization factor to thetoken access system 1322. If the token access system determines that the third-party merchant 162, or another employee of the third-party merchant environment 1306, is authorized to access the token, thetoken access system 1322 may provide the token to the third-party merchant environment 1306. The third-party merchant 162 can then use theCHD access system 1324 to access CHD associated with the token. Accessing the CHD can include theCHD access system 1324 providing the received token to thetokenization provider system 1302 and requesting access to the associated CHD. Thetokenization provider system 1302 may then provide the third-party merchant 162 with access to the CHD associated with the token. As previously described, providing access to the CHD can include providing the CHD to the third-party merchant 162 or enabling the third-party merchant 162 to complete a transaction using the CHD with or without providing the CHD to the third-party merchant 162. - In some embodiments, the
token access system 1322 may include theCHD access system 1324. In some cases, in response to the request to access the token, thetoken access system 1322 may use theCHD access system 1324 to obtain access to the CHD on behalf of the third-party merchant 1306. The third-party merchant 162 can provide transaction details, such as the price of a product, to thetoken access system 1322 at themerchant environment 1304, and thetoken access system 1322 can complete the transaction for the third-party merchant environment 1306 and provide a confirmation to the third-party merchant 162. In some embodiments, theCHD access system 1324 can include some or all of the features described above with respect to theCHD access system 124. - In some embodiments, some or all of the
process 200 and/or theprocess 400 may be performed by a system associated with themerchant environment 1304 to associate a token with the third-party merchant environment 1306. For example, in some embodiments, thetoken access system 1322 may be configured to perform one or more of the operations associated with theprocess 200 and/or theprocess 400. For instance, thetoken access system 1322 may receive a request to associate a token with the third-party merchant environment 1306. If the third-party merchant environment 1306 is authorized to access the tokens of themerchant environment 1304, thetoken access system 1322 may generate a set of random words, or some other authorization factor, and associate the set of random words with the token and the third-party merchant environment 1306, or an employee thereof (e.g., the third-party merchant 162). Thetoken access system 1322 can then provide the set of random words to the third-party merchant environment 1306 or the third-party merchant 162. -
FIG. 14 illustrates a flow diagram for an example embodiment of aprocess 1400 for accessing a token. Theprocess 1400 can be implemented by any system that can provide a second merchant, such as the third-party merchant 162, with access to a token created in response to a first merchant, such as themerchant 142, providing CHD to a tokenization system. For example, theprocess 1400, in whole or in part, can be implemented by one or more of thetoken access system 1322, thecomputing system 146, and thetokenization provider system 1302. Although any number of systems, in whole or in part, can implement theprocess 1400, to simplify discussion, theprocess 1400 will be described as being generally implemented by thetoken access system 1322. - The
process 1400 begins atblock 1402 where, for example, thetoken access system 1322 receives a set of words from a user (e.g., the third-party merchant 162) associated with the third-party merchant environment 1306. Thetoken access system 1322 can compare the received set of words to a set of words associated with tokens stored at thetoken repository 152 to determine if the user is authorized to access one or more of the tokens. Although theprocess 1400 is described with respect to a set of words, it is possible to perform theprocess 1400 using any type of authorization factor including those previously described above. Further, in some cases, multiple checks may be performed. For instance, theprocess 1400 can include determining whether a password matches a user, and if so, theprocess 1400 can then include a token identification check based on, for example, a set of words, as described above. - In some embodiments, the
block 1402 includes authenticating the user. Authenticating the user may also include determining whether the user or the third-party merchant environment 1306 is authorized to provide the set of words or to access the tokens of themerchant environment 1304 associated with thetoken access system 1322. Some embodiments for authenticating the user and for determining the user's authorization are described above with respect to theblocks 502 and 504. - At decision block 1404, the
token access system 1322 determines whether the set of words match a set of random words associated with a token. If the set of words do not match the set of random words, thetoken access system 1322 rejects the user, or the user's request to access the token, at theblock 1406. In some embodiments, the decision block 1404 can include some or all of the embodiments described above with respect to thedecision block 510. Further, in some embodiments, theblock 1406 can include some or all of the embodiments described above with respect to the block 506. - If the token access system determines that the set of words match a set of random words associated with the token, the
token access system 1322 can provide the user with the token associated with the set of random words at block 1408. In some cases, the block 1408 may further include determining whether the token is associated with the user prior to providing the user with the token. In some embodiments, the block 1408 may include providing the user with access to the token with or without providing the user with the token. For example, thetoken access system 1322 may inform the user that the user has obtained access to the token and that in response to the user providing transaction details, thetoken access system 1322 can complete the transaction for the user using the token. Advantageously, in certain embodiments, the third-party merchant 162 can complete a transaction using a token and CHD associated with the token without ever viewing or accessing the token or CHD. - At
block 1410, the token access system can disassociate the set of random words from the token and the user. In some cases, theblock 1410 can include disassociating the token with the user (e.g., the third-party merchant 162). In certain embodiments, some or all of the embodiments described above with respect to theblock 518 may apply to theblock 1410. -
FIG. 15 illustrates a flow diagram for a third example embodiment of aprocess 1500 for accessing cardholder data. Theprocess 1500 can be implemented by any system that can provide a second merchant (e.g., the third-party merchant 162) with access to CHD associated with a token, which was created in response to a first merchant (e.g., the merchant 142) providing the CHD to the system or a related system. For example, theprocess 1500, in whole or in part, can be implemented by one or more of theCHD access system 1324, thetoken access client 1390, thecomputing system 1364, thetoken access system 124, and thetoken access system 1322. Although any number of systems, in whole or in part, can implement theprocess 1500, to simplify discussion, theprocess 1500 will be described as being generally implemented by thecomputing system 1364. - The process begins at
block 1502 where, for example, thecomputing system 1364 at the third-party merchant environment 1306 using, for example, thetoken access client 1390 provides a set of words to atoken access system 1322 hosted by themerchant environment 1304. In certain embodiments, theblock 1502 may be part of an authentication process for accessing thetoken access system 1322. Examples of authentication elements and processes that may be used herein are described in “The OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-25,” dated Mar. 8, 2012, located at http://tools.ietf.org/html/draft-ietf-oauth-v2-25 (last accessed Mar. 23, 2012) and is hereby incorporated by reference herein in its entirety. In other embodiments, theblock 1502 may include an authentication process for authenticating the third-party merchant 162. The set of words may then be used to identify the specific token to be accessed. - In some embodiments, the
block 1502 may include a process for determining the token access system and/or merchant environment to access or to provide the set of words. In some cases, determining the merchant environment to access is based on the set of words. In other cases, the merchant environment is selected by the third-party merchant 162. Alternatively, the merchant environment is preselected by, for example, an administrator. In some cases, theprocess 1500 may be performed in response to a system hosted by themerchant environment 1304, such as thetoken access system 1322, communicating with a system hosted by the third-party merchant environment 1306, such as thecomputing system 1364. In some cases, the merchant environment may be selected via merchant specific identifiers, such as a merchant account number. The merchant account number may be specified by a user associated with the third-party merchant environment 1306 (e.g., the third-party merchant 162). Alternatively, the merchant account number may be associated with the set of words or provided by the merchant who provided the set of words to the third-party merchant environment 1306. - At
block 1504, thecomputing system 1364 receives a token associated with a set of cardholder data from thetoken access system 1322. In some embodiments, receiving the token may include receiving a copy of the token. Alternatively, or in addition, receiving the token may include receiving access to the token and/or permission to use the token, but in some embodiments does not include receiving a copy of the token. Advantageously, in certain embodiments, the third-party merchant 162 can use the token without the token being transmitted from themerchant environment 1304, or a system associated with themerchant environment 1304, to the third-party merchant environment 1306. - At
block 1506, thecomputing system 1364 using, for example, theCHD access system 1324 may provide the token to atokenization provider system 1302 to obtain access to the CHD associated with the token. Atblock 1508, thecomputing system 1364 may receive access to the CHD from thetokenization provider system 1302. In some cases, receiving access to the CHD may include receiving a copy of the CHD. The copy of the CHD may include an encrypted copy of the CHD, which may be decrypted by, for example, theCHD access system 1324. In other cases, receiving access to the CHD may include obtaining permission to use the CHD at thetokenization provider system 1302. In such cases, the third-party merchant 162 using, for example, thecomputing system 1364 orPOS 166 may provide transaction details to thetokenization provider system 1302. Thetokenization provider system 1302 may then complete the transaction on behalf of the third-party merchant 162. Advantageously, in some embodiments, the third-party merchant 162 can complete a transaction using the CHD without obtaining a copy of the CHD. - In some embodiments, the third-
party merchant 162 may provide the transaction details to, for example, thetoken access system 1322 hosted by themerchant environment 1304. Thetoken access system 1322 may then provide the transaction details and the token to thetokenization provider system 1302, which may complete the transaction on behalf of the third-party merchant 162. Advantageously, in some embodiments, the third-party merchant 162 can complete a transaction using the CHD without ever obtaining a copy of the CHD or the token associated with the CHD. -
FIG. 16 illustrates an example embodiment of a token access system 1622. The token access system 1622 can include any type of system that can be used by a tokenization provider system (e.g., the tokenization provider system 102) or a merchant environment (e.g., the merchant environment 1304) to provide a user or merchant with access to a token and/or CHD associated with a token. In some embodiments, the token access system 1622 can include some or all of the embodiments described above with respect to thetoken access system 122 and/or thetoken access system 1322. - The token access system 1622 can include an
authorization factor generator 128, aCHD access system 124, and an interactive voice response (IVR)system 1630. Theauthorization factor generator 128 and theCHD access system 124 of token access system 1622 can include some or all of the embodiments previously described with respect to theauthorization factor generator 128 and theCHD access system 124. - The
IVR system 1630 can include any system that enables a user to interact with the token access system 1622 using voice input. The voice input can include voice commands as well as any information or data that can be provided by voice. Further, theIVR system 1630 can prompt a user to provide commands and/or data via an audio prompt. Although configured for voice input and audio output, in some embodiments, theIVR system 1630 can be configured to interact with a user via other methods and mechanisms. For example, in some cases, theIVR system 1630 can be an interactive voice and video response (IWR) system capable of interacting with a user via both voice and video. In some cases, theIVR system 1630 can interact with the user via static images and/or an interactive user interface, which may include audio, video, or images. - A user can use one or more of a telephone, dumbphone, a feature phone, a smartphone, and a computing device (e.g., a laptop, desktop, tablet, etc.) to interact with the
IVR system 1630. For example, a user can use a system or service that utilizes Voice over Internet Protocol (VoIP) to interact with theIVR system 1630. Further, in some embodiments, a computer or computing system can interact with theIVR system 1630. Advantageously, in certain embodiments, configuring a computer system to interact with theIVR system 1630 enables interacting with theIVR system 1630 using an automated system and/or process. -
FIG. 17 illustrates a flow diagram for an example embodiment of an interactive voice response (IVR) basedtoken sharing process 1700. Theprocess 1700 can be implemented by any system that can interact with a system or user via voice input and audio output to enable a user to share a token with another user or entity. For example, theprocess 1700, in whole or in part, can be implemented by one or more of the token access system 1622, theIVR system 1630, thetoken access system 122, and thetoken access system 1322. Although any number of systems, in whole or in part, can implement theprocess 1700, to simplify discussion, portions of theprocess 1700 will be described with respect to particular systems. - The process begins at block 1702 where, for example, the token access system 1622 authenticates a user via the
IVR system 1630. Authenticating the user can include requesting the user provide information associated with the user to theIVR system 1630. This information can include a unique identifier (e.g., a social security number, a unique account number, etc.), a pin number, an answer to a security question, a name, or any other information that can be used to help identify the user or verify the user's specified identity. If the user is not successfully authenticated, theprocess 1700 may end, provide the user an opportunity to re-authenticate, and/or alert an administrator. Generally, the user is a human. However, in some cases, the user may be an automated system or a computing system. - At
block 1704, theIVR system 1630 prompts the user to provide a token. TheIVR system 1630 receives the token from the user atblock 1706. This token can include any string of alphanumeric characters and symbols that may be supplied via a phone and/or keyboard and can be associated with CHD. At decision block 1708, the token access system 1622 determines whether the user is associated with the token. In some embodiments, determining whether the user is associated with the token can include determining whether the user is identified as an owner of the token. Further, in some cases, determining whether the user is associated with the token can include determining whether the user is authorized to share the token with other users. - If the user is associated with the token, the
IVR system 1630 provides the user with the authorization factor atblock 1710. Providing the authorization factor to the user enables the user to share token access with a another user, or third-party user, to whom the user provides the authorization factor. In some embodiments, the third-party user may be prevented from accessing the token regardless of whether the third-party user has the authorization factor. For example, if the third-party user is not registered with the token access system 1622, having access to the authorization factor may not be sufficient to use the token or access CHD associated with the token. In some embodiments, theblock 1710 can include the user identifying or registering the third-party user to whom the user intends to share the authorization factor thereby enabling the token access system 1622 to verify that a user providing the authorization factor to the token access system 1622 is authorized to access the token. Advantageously, in certain embodiments, registering the intended recipient or third-party user with the token access system 1622 creates a multi-factor authorization system as the third-party user should be registered with the token access system 1622 and should have access to the authorization factor before accessing a token. - The authorization factor provided at the
block 1710 can include any type of authorization factor that may be provided by anIVR system 1630. For example, the authorization factor can include a set of words, characters, numbers, or sounds. Moreover, in some cases, the authorization factor provided by the IVR system can include some or all of the embodiments previously described with respect to authorization factors. For example, the authorization factor may be associated with a theme, such as colors, animals, or places. In some cases, an authorization factor may be easier to remember than a token. Thus, in certain cases, a user may use theprocess 1700 to obtain an authorization factor for his or her own use to facilitate accessing a token. Moreover, in certain cases, the authorization factor may be used as the token. - If the user is not associated with the token, the token access system 1622 rejects the user at
block 1712. Rejecting the user can include theIVR system 1630 informing the user that the user is not authorized to access the token. In some embodiments, theblock 1712 can include some or all of the embodiments described above with respect to theblocks 506 and 1406. -
FIG. 18 illustrates a flow diagram for an example embodiment of atoken generation process 1800. Theprocess 1800 can be implemented by any system that can generate a token to be associated with CHD received via an IVR system. For example, theprocess 1800, in whole or in part, can be implemented by one or more of the token access system 1622, theIVR system 1630, thetoken access system 122, and thetoken access system 1322. Although any number of systems, in whole or in part, can implement theprocess 1800, to simplify discussion, portions of theprocess 1800 will be described with respect to particular systems. - The process begins at block 1802 where, for example, the token access system 1622 authenticates a user via the
IVR system 1630. Authenticating the user can include requesting the user provide information associated with the user to theIVR system 1630. This information can include a unique identifier (e.g., a social security number, a unique account number, etc.), a pin number, an answer to a security question, a name, or any other information that can be used to help identify the user or verify the user's specified identity. If the user is not successfully authenticated, theprocess 1800 may end, provide the user an opportunity to re-authenticate, and/or alert an administrator. Generally, the user is a human. However, in some cases, the user may be an automated system or a computing system. In certain embodiments, the block 1802 is optional. - At
block 1804, theIVR system 1630 prompts the user to provide one or more pieces of CHD. This CHD can generally include any type of CHD, such as a card number, an expiration date, a card security or verification code (e.g., a CVC code, a CVV2 code, a CVC2 code, etc.), a cardholder name, etc. In some cases, the requested CHD may depend on the type of card and/or the entity associated with the token access system 1622 or using the token access system 1622. TheIVR system 1630 receives the CHD from the user atblock 1806. Subsequent to receiving the CHD, the token access system 1622 verifies the CHD atblock 1808. Verifying the CHD can include any process that may be used to verify at least a subset of the CHD. For example, verifying the CHD can include performing one or more algorithmic checks on the CHD, (e.g., a Luhn test), contacting a provider of the card associated with the CHD, and performing a micro-transaction or a small transaction using the CHD. In some embodiments, theblock 1808 may be optional. - At
block 1810, the token access system 1622 generates a token. In some embodiments, theblock 1810 can include some or all of the embodiments described above with respect to theblock 204. Further, the token can include any type of token as has previously been described. Typically, the token is unique. However, in some cases, a token may be a duplicate token or a reused token. For example, a token associated with expired CHD may be re-associated with CHD that is not expired. Moreover, although the token generally includes a random or pseudo-random value that is unrelated to the CHD, in some cases, the token may be based, at least in part, on the CHD. For example, the first portion of the token may include a portion of CHD (e.g., the first 4-digits of a card number) or may be generated based on the portion of the CHD. - The token access system 1622 associates the token with the CHD in a repository at
block 1812. This repository can include any repository or data store designed to store a relationship between a token and CHD. For example, the repository can include the token/CHD relationship repository 132. In some cases, theblock 1812 can include storing the CHD and the token in the repository. In certain embodiments, theblock 1812 can include one or more of the embodiments described above with respect to theblock 206. - At
block 1814, theauthorization factor generator 128 generates an authorization factor associated with the token. The authorization factor can include any type of authorization factor as previously described with respect toFIG. 1 . Further, in some cases, the authorization factor can include a set of random or pseudorandom words as described with respect to theblock 416. For example, the authorization factor may be the following set of four words: green, dog, circle, grape. Generally, the authorization factor is unrelated to the token. However, in some cases, the authorization factor may be generated based, at least in part, on the token. For example, theauthorization factor generator 128 may use portions of the token as an index for selecting words or values in a dictionary of available options. This dictionary may be predefined or it may itself be generated as, for example, part of theblock 1814. Advantageously, in certain embodiments, the authorization factor can serve as an “anglicized” token or a simplified token that is easier to remember than the token generated at theblock 1810, which may include, for example, a string of random letters, numbers, and/or symbols. Moreover, in certain embodiments, theblock 1814 can include some or all of the embodiments described with respect to theblock 416. - The token access system 1622 associates the authorization factor with the token in a repository at block 1816. This repository may be the same repository, described with respect to the
block 1812, that stores the association between the token and the CHD. Alternatively, the authorization factor and token relationship may be stored at another repository, such as thetoken access repository 134. In certain embodiments, the block 1816 can include some or all of the embodiments described with respect to theblock 418. Further, in certain embodiments, the block 1816 can include associating the authorization factor with the user. In such embodiments, the block 1816 may include one or more of the embodiments previously described with respect to theblock 420. Moreover, in certain embodiments, the block 1816 can include associating the authorization factor with one or more additional users specified by the user. - At block 1818, the
IVR system 1630 provides the authorization factor to the user. The authorization factor may be presented to the user via audio, images, video, or any combination thereof. Further, in some cases, the authorization factor may be provided to one or more additional users whom the user has specified as being authorized to access the token. In certain embodiments, the block 1818 can include one or more of the embodiments described above with respect to theblock 422. Instead of, or in addition to, using theIVR system 1630 to prevent the authorization factor to the user the token access system 1622 may provide the authorization factor to the user via any other communication mechanism for providing information to a user. For example, the token access system 1622 can provide the authorization factor to the user via a text message, an email, a voicemail message, or an instant message, to name a few. -
FIG. 19 illustrates an example embodiment of a token-sharing environment 1900. The token-sharing environment 1900 illustrates an example embodiment of multiple tokenization provider systems (e.g., thetokenization provider systems token access system 1922, which enables merchants to share access to tokens created by the tokenization provider systems. Although a single token access system is illustrated, it is possible, in some cases, for the tokenization provider systems to have access to multiple token access systems. Further, although thetoken access system 1922 is illustrated as a separate system from the tokenization provider systems, it is possible for at least some of thetoken access system 1922 to be part of the tokenization provider systems. - In some embodiments, the
token access system 1922 is operated by a different entity than each of the tokenization provider systems. Alternatively, thetoken access system 1922 may be part of one of the tokenization provider systems or operated by an entity that operates one of the tokenization provider systems. The remaining tokenization provider systems may then rent or purchase the use of the token access system from the tokenization provider system, or the entity that operates the tokenization provider system. For example, thetoken access system 1922 may be part of thetokenization provider system 1902, and the operators oftokenization provider systems tokenization provider system 1902. Advantageously, in certain embodiments, the entities that operate thetokenization provider systems tokenization provider system 1902. - The tokenization provider systems can communicate with the
token access system 1922 via thenetwork 170. Further, themerchants token access system 1922 and the tokenization provider systems via thenetwork 170. In some cases, at least one of the merchants can be a third-party merchant environment (e.g., the third party merchant environment 106) as previously described. In some cases, themerchant 1910 may serve as a third-party merchant to themerchant 1912 and vice versa. - In certain embodiments, the
token access system 1922 can create authorization factor pools (e.g., four word pools, image pools, sound pools) that are uniquely associated with one of the tokenization provider systems. Thus, each tokenization provider system can be associated with a unique pool of authorization factors. For example, assuming that the authorization factor is based on sets of words, thetokenization provider system 1902 may be associated with a word pool that includes words starting with letters ‘A’-‘H’, thetokenization provider system 1904 may be associated with a word pool that includes words starting with letters ‘I’-‘N’, and thetokenization provider system 1906 may be associated with a word pool that includes words starting with letters ‘O’-‘Z’. - The
token access system 1922 can include multiple authorization factor pool repositories that can be associated with the tokenization provider systems. Each of the tokenization factor pool repositories can include the authorization factors that can be used or randomly selected for enabling a merchant, or third-party merchant, to obtain access to a token from a particular tokenization provider system. For example, thetokenization provider system 1902 may be associated with theauthorization factor pool 1932, thetokenization provider system 1904 may be associated with theauthorization factor pool 1934, and thetokenization provider system 1906 may be associated with theauthorization factor pool 1936. In some embodiments, each of the authorization factor pools may be stored in the same repository. Alternatively, each of the authorization factor pools may be stored in separate repositories, which may or may not be stored at the same location. In some embodiments, each authorization factor pool may include different authorization factor types and/or algorithms. For example, theauthorization factor pool 1932 may include an algorithm for selecting random words, theauthorization factor pool 1934 may include an algorithm for selecting random digits, and theauthorization factor pool 1934 may include an algorithm for selecting a combination of images and pass-phrases. - Advantageously, in certain embodiments, by associating different authorization factor pools with each tokenization provider system, tokens may be further protected because the authorization factors would be specific to the tokenization provider system associated with the authorization factor pool. Thus, for example, an authorization factor generated based on one authorization factor pool would not be meaningful or understood by tokenization provider systems not associated with the authorization factor pool.
- Each time a merchant, such as
merchant 1910, requests an authorization factor to be provided to a third-party merchant, such as themerchant 1912, to enable the third-party merchant to access a token, thetoken access system 1922 can determine which tokenization provider system generated the token. Theauthorization factor generator 1928 can then generate an authorization factor, such as a set of words, using the authorization factor pool associated with the tokenization provider system that generated the token. For example, if the token access system determines that the token identified by themerchant 1910 was generated by thetokenization provider system 1904, theauthorization factor generator 1928 can generate an authorization factor usingauthorization factor pool 1934. - In some embodiments, the authorization factor is associated with the token or a reference to the token at the
token access repository 1940. Alternatively, or in addition, the authorization factor may be associated with the token or the reference to the token at the authorization factor pool corresponding to the tokenization provider system that generated the token. - As previously described, in certain embodiments a third-party merchant provides the authorization factor to the
token access system 1922 to obtain access to the corresponding token associated with the authorization factor. Thetoken access system 1922 can determine the tokenization provider system communicate with to obtain access the token corresponding to the authorization factor based on the authorization factor. For example, if the authorization factor is a set of words, and each of the words starts with a letter from ‘A’-‘H,’ thetoken access system 1922 can determine that it should access thetokenization provider system 1902. In some embodiments, the merchant attempting to obtain access to the token can specify the tokenization provider system when providing the authorization factor. Thetoken access system 1922 can then determine if the selected tokenization provider system is the tokenization provider system associated with the authorization factor. If so, thetoken access system 1922 can proceed with a process (e.g., the process 500) for granting the merchant with access to the token, or associated CHD. If the token access system determines that the user or third-party merchant identified the wrong tokenization provider system, thetoken access system 1922 can prevent access to the requested token or CHD. - In some embodiments, after obtaining access to the token corresponding to an authorization factor, the
token access system 1922 can provide the third-party merchant with access to the corresponding CHD using theCHD access system 1924, which can include some or all of the embodiments previously described with respect to theCHD access system 124 and/or 1324. Alternatively, or in addition, the tokenization provider system that generated the token provides access to the CHD associated with the token. As previously described, providing access to a token and/or CHD can, in some cases, include providing a user or merchant with a copy of the token and/or CHD. In other cases, providing access to a token and/or CHD can involve enabling a user or merchant to use the token and/or CHD without enabling the user or merchant to view the token and/or CHD. -
FIG. 20 illustrates a flow diagram for a third example embodiment of atoken provisioning process 2000. Theprocess 2000 can be implemented by any system that can associate a token corresponding to CHD of a cardholder with a merchant other than the merchant that caused the token to be created. For example, theprocess 2000, in whole or in part, can be implemented by one or more of a tokenization provider system (e.g., the tokenization provider system 1922), atoken access system 1922, anauthorization factor generator 1928, thetoken access system 122, theCHD access system 124, thegateway 126, etc. Although any number of systems, in whole or in part, can implement theprocess 2000, to simplify discussion, theprocess 2000 will be described as being generally implemented by specific systems. In some embodiments, theprocess 2000 can be used to provide either a merchant, or an employee of the merchant or the merchant environment with access to a token or CHD associated with the token. - The
process 2000 begins atblock 2002, where, for example, thetoken access system 1922 receives the identity of a token from a merchant (e.g., the merchant 1910). In some embodiments, theblock 2002 can include some or all of the embodiments as previously described for receiving the identity of a token, such as the embodiments described with respect to theblock 408. Further, in some embodiments, theprocess 2000 may include identifying the merchant, or user, and determining whether the merchant is authorized to grant token access, as described previously with respect to, for example, theprocess 400. - At
bock 2004, thetoken access system 1922 identifies a tokenization provider system (e.g., the tokenization provider system 1922) that generated the token identified at theblock 2002. In some embodiments, thetoken access system 1922 may identify the tokenization provider system based on the identified token, data received from the merchant, information stored in one or more repositories (e.g., the token access repository 1940), by querying one or more tokenization provider systems or by any other method for identify a tokenization provider system that generated a token. - At
block 2006, theauthorization factor generator 1928 generates an authorization factor based on the authorization factor pool associated with the tokenization provider system identified at theblock 2004. For example, assuming thetokenization provider system 1922 is associated with theauthorization factor pool 1932, and that the token identified at theblock 2002 was generated by thetokenization provider system 1922, theauthorization factor generator 1928 may generate the authorization factor based on an algorithm or pool of eligible authorization factors stored at theauthorization factor pool 1932. Generating the authorization factor can include selecting an authorization factor, either randomly, pseudo-randomly, or programmatically based on an algorithm. These authorization factors can include any type of authorization factor as previously described with respect to, for example,FIG. 1 and/or theblock 416. For example, the authorization factor can be a set of one or more random words, or a set of images. - At
block 2008, thetoken access system 1922, or theauthorization factor generator 1928, associates the authorization factor with the token. In some embodiments, the association between the authorization factor and the token may be stored at thetoken access repository 1940. In other embodiments, the association may be stored at the authorization factor pool associated with the tokenization provider system that generated the token. Alternatively, or in addition, the association may be stored at the tokenization provider system that generated the token. Further, in such cases, thetoken access system 1922 may provide the authorization factor to the tokenization provider system, and the tokenization provider system may associate the authorization factor with the token. In some embodiments, theblock 2008 may include some or all of the embodiments previously described with respect to, for example, theblock 418. - At
block 2010, thetoken access system 1922 receives the identity of a merchant (e.g., the merchant 1912). Generally, although not necessarily, the merchant identified at theblock 2010 differ from the merchant that provided the identity of the token at theblock 2002. In some embodiments, theblock 2010 may include some or all of the embodiments previously described with respect to, for example, theblock 410. Further, as previously described with, for example, theprocess 400, theprocess 2000 may, in some embodiments, include determining whether the merchant identified at theblock 2010 is authorized to access tokens. - The
token access system 1922, at block 2012, associates the authorization factor with the merchant identified at theblock 2010. In some embodiments, the tokenization provider system that generated the token may perform the block 2012 in response to receiving the identity of the merchant from the user and/or thetoken access system 1922. In some embodiments, the block 2012 may include some or all of the embodiments previously described with respect to, for example, theblock 420. - At
block 2014, thetoken access system 1922 provides the authorization factor to the merchant identified at theblock 2010. In some embodiments, thetoken access system 1922 provides the authorization factor to the merchant that identified the token at theblock 2002, who can then provide the authorization factor to the merchant identified at theblock 2010. In some embodiments, theblock 2014 may include some or all of the embodiments previously described with respect to, for example, theblock 422. -
FIG. 21 illustrates a flow diagram for a fourth example embodiment of aprocess 2100 for accessing cardholder data. Theprocess 2100 can be implemented by any system that can provide a merchant (e.g., the merchant 1912) with access to a token and, in some cases, CHD associated with the token, which was created in response to another merchant (e.g., the merchant 1910) providing the CHD to a tokenization provider system (e.g., the tokenization provider system 1902). For example, theprocess 2100, in whole or in part, can be implemented by one or more of thetoken access system 1922, thetokenization provider system 1902,token access system 122, theCHD access system 124, and thegateway 126. Although any number of systems, in whole or in part, can implement theprocess 2100, to simplify discussion, theprocess 2100 will be described as being generally implemented by specific systems. - The
process 2100 begins at block 2102 where, for example, thetoken access system 1922 receives an authorization factor from a user (e.g., themerchant 1912, or a representative thereof). In some embodiments, the block 2102 may include some or all of the embodiments previously described with respect to, for example, the block 508. Further, in some embodiments, theprocess 2100 may include receiving authentication information from the user and determining whether the user is authorized to access thetoken access system 1922 or a tokenization provider system associated with the authorization factor and/or corresponding token, as described previously with respect to, for example, theprocess 500. - At
block 2104, thetoken access system 1922 identifies a tokenization provider system associated with the authorization factor. Identifying the tokenization provider system associated with the authorization factor can include accessing an authorization factor pool associated with the authorization factor. Determining the tokenization provider system and/or authorization factor pool corresponding to the authorization factor may be based on the authorization factor, the identity of the user, and/or information received from the user. For example, if the authorization factor is a set of images, thetoken access system 1922 may determine that the relationship between the authorization factor and the token is stored at theauthorization factor pool 1934 and that thetokenization provider system 1904 generated the token. - At
block 2106, thetoken access system 1922 identifies a token associated with the authorization factor at the tokenization provider system identified at theblock 2104. In some embodiments, theblock 2106 may include some or all of the embodiments previously described with respect to, for example, theblock 510 and/or 514. - At
block 2108, thetoken access system 1922 provides the user with access to the token associated with the authorization factor. In some embodiments, theblock 2108 may include theCHD access system 1924 providing the user with access to the CHD associated with the token. In some cases, the user is provided with access to the token and/or CHD without enabling the user to view the token and/or CHD. Further, in some cases, theblock 2108 can include causing the tokenization provider system that generated the token to provide the user with access to the token and/or corresponding CHD. In some embodiments, theblock 2108 may include some or all of the embodiments previously described with respect to, for example, theblock 514 and/or 516. - The
token access system 1922 disassociates the authorization factor from the token and the user atblock 2110. Disassociating the authorization factor from the token and the user can include disassociating the authorization factor from the token and/or user at one or more of the authorization factor pool repository and the tokenization provider system corresponding to the token. In some embodiments, theblock 2110 may include some or all of the embodiments previously described with respect to, for example, theblock 518. In some embodiments, theblock 2110 is optional. -
FIG. 22 illustrates a flow diagram for an example embodiment of a token-provisioning process 2200 using a machine-readable code. Theprocess 2200 can be implemented by any system that can provide a merchant (e.g., the third-party merchant 162 associated with the third-party merchant environment 106) with access to a token and, in some cases, CHD associated with the token, which was created in response to another merchant (e.g., the merchant 142) providing the CHD to a tokenization provider system (e.g., the tokenization provider system 102). For example, theprocess 2200, in whole or in part, can be implemented by one or more of thetokenization provider system 102, thetoken access system 122, theCHD access system 124, theauthorization factor generator 128, and thegateway 126, to name a few. Although any number of systems, in whole or in part, can implement theprocess 2200, to simplify discussion, theprocess 2200 will be described as being generally implemented by specific systems. - The
process 2200 begins at block 2202 where, for example, thetoken access system 122 accesses an authentication factor associated with a token. Accessing the authentication factor can include generating the authentication factor, such as was previously described with respect to theblock 416. Further, as has previously been described, the authentication factor can include any type of authentication factor including a set of random or pseudo-random words. In some embodiments, accessing the authentication factor associated with the token can include performing one or more of the previously described embodiments for associating a token with a merchant or a third-party merchant who did not initiate creation of the token, such as the embodiments described with respect to theprocess 400. - At
block 2204, thetoken access system 122 accesses an identifier associated with a merchant who is associated with the authentication factor. This merchant is typically a third-party merchant (e.g., the third-party merchant 162) who has been granted access, at least temporarily, to a token created for another merchant (e.g., the merchant 142). However, in some cases, the merchant may be the same merchant for whom the token was created. - At
block 2206, thetoken access system 122 generates a machine-readable code that includes the authentication factor and the merchant identifier. In some embodiments, the machine-readable code may include the authentication factor without including the merchant identifier. Further, in some cases, the machine-readable code may include a URL or URI for accessing a network page or webpage associated with thetokenization provider system 102. This webpage may be configured for receiving the authentication factor, for providing access to the token, and/or for providing access to CHD associated with the token. In some cases, the machine-readable code may include an expiration date (and/or time) or a creation date (and/or time). - The machine-readable code can include any type of machine-readable code. In some embodiments, the machine-readable code may include any code that is sufficiently dense so as to be capable of encoding the information described above with respect to the
block 2206 within a particular size code. In some cases, the machine-readable code may be a linear code (e.g., U.P.C., MSI,Code 128, etc.) or a stacked linear code (e.g., a stacked barcode). Alternatively, or in addition, the code may be a matrix, or 2D, type code. In certain embodiments, using a matrix type code enables more information to be encoded in the machine-readable code. Some examples of matrix type machine-readable codes that may be used herein include: Quick Response (QR) codes, Aztec Codes, ShotCodes, MaxiCodes, PDF417 codes, SmartCodes In some embodiments, machine-readable code may include a combination of machine-readable codes. - At
block 2208, thetoken access system 122 provides the machine-readable code to the merchant identified at the block 2204 (e.g., the third-party merchant 162). Providing the machine-readable code to the merchant includes emailing the machine-readable code to the merchant, presenting the machine-readable code via a webpage, presenting the machine-readable code via an application, such as an application for a mobile device or for a POS system. -
FIG. 23 illustrates a flow diagram for an example embodiment of aprocess 2300 for accessing CHD using a machine-readable code, such as a code received via theprocess 2200. Theprocess 2300 can be implemented by any system that can access a machine-readable code and extract an authentication factor stored in the machine-readable code. Further, theprocess 2300 may be performed by any system that can use the authentication factor stored in the machine-readable code to obtain access to a token associated with the authentication factor. For example, theprocess 2300, in whole or in part, can be implemented by one or more of thePOS 166, thecomputing system 164, acomputing system 1364, atoken access client 1390, and theCHD access system 1324, to name a few. Although any number of systems, in whole or in part, can implement theprocess 2300, to simplify discussion, theprocess 2300 will be described as being generally implemented by specific systems. - The
process 2300 begins atblock 2302 where, for example, thePOS 166 accesses a machine-readable code associated with a token. ThePOS 166 may include a scanner that can scan the machine-readable code. In some cases, the machine-readable code may be displayed on a screen of a computing system, such as thecomputing system 164, enabling the machine-readable code to be scanned from the screen. In other cases, the machine-readable code may be scanned from a handheld device (e.g., a smartphone) of a merchant (e.g., the third-party merchant 162). - At
block 2304, thePOS 166 extracts an authentication factor from the machine-readable code. For instance, thePOS 166 may extract a set of words encoded into the machine-readable code. In some cases, thePOS 166, or other system capable of scanning the machine-readable code, may scan the machine-readable code and provide information extracted from the machine-readable code to another computing system (e.g., the computing system 164). - At
block 2306, thePOS 166, or thecomputing system 164, provides the authentication factor to thetokenization provider system 102. In some cases, theblock 2306 includes determining the tokenization provider system that manages the token associated with the authentication factor and providing the authentication factor to the identified tokenization provider system. In some embodiments, providing the authentication factor to thetokenization provider system 102 includes extracting a URL or URI from the machine-readable code, opening a webpage associated with the URL or URI, and automatically providing the authentication factor via the webpage. In other cases, thecomputing system 164 may display the authentication factor to a user (e.g., the third-party merchant 162) thereby enabling the user to enter the authentication manually into the webpage. - At
block 2308, thecomputing system 164 authenticates the merchant user (e.g., the third-party merchant 162) to thetokenization provider system 102. Authenticating the merchant user can include accessing a digital certificate from a secure area of thecomputing system 164 and providing the digital certificate to thetokenization provider system 102. Alternatively, or in addition, authenticating the merchant user may include presenting the merchant user with a challenge-response authentication page provided by thetokenization provider system 102 for authentication the merchant user. In some embodiments, theblock 2308 may be optional. - At
block 2310, thePOS 166 receives from thetokenization provider system 102 access to the CHD associated with the token that is associated with the authentication factor provided at theblock 2306. In some cases, the receiving access to the CHD includes receiving a copy of the CHD to use for a transaction and/or for a limited period of time. In other cases, receiving access to the CHD includes being able to use the CHD at thetokenization provider system 102 by, for example, providing information for performing a transaction to thetokenization provider system 102, which can then complete the transaction using the CHD on behalf of the merchant user. - Some embodiments of the present disclosure relate to a system for sharing cardholder data (CHD). Further, in some embodiments, the system includes a token access client associated with a first merchant or a first merchant environment. The token access client may be configured to provide a request to obtain access to a token associated with CHD to a token access system associated with a second merchant or a second merchant environment. The request can include an authorization factor. In response to providing the request, the token access client may receive access to the token from the token access system. Further, the token access system can initiate a transaction using the token, thereby enabling the first merchant to initiate the transaction without receiving a copy of the CHD.
- In some embodiments, receiving access to the token includes receiving a copy of the token. Further, the token access client may be configured to initiate the transaction by providing transaction information to a tokenization provider system. In some cases, providing the transaction information to the tokenization provider system enables the tokenization provider system to perform the transaction. In some embodiments, the tokenization provider system generated the token.
- In some embodiments, receiving access to the token includes receiving authorization to use the token without receiving a copy of the token. Further, the token access client may be configured to initiate the transaction by providing transaction information to the token access system. In some cases, providing the transaction information to the token access system enables the token access system to initiate the transaction.
- In some embodiments, the request to obtain access to the token can include the transaction information. Further, the token access client may initiate the transaction by providing the request to the token access system.
- In some embodiments, the token access client may be configured to identify or to select a token access system from a plurality of token access systems. In some cases, the token access client may identify or select the token access system based, at least in part, on the authorization factor. Alternatively, or in addition, the token access client may identify or select the token access system based, at least in part, on a user configuration of the token access client. For example, the user may identify the token access system, or a merchant associated with the token access system, at or near a time of the request to obtain token access. As a second example, the user may configure the token access client to identify the token access system based on a set of codes, a type of transaction, or any other information that can be associated with a particular token access system.
- Although the authorization factor and the token are described above as including random or pseudo-random values, one or both of the authorization factor and the token may include non-random values. For example, a formula or algorithm may be used to identify one or more words from a dictionary to use as an authorization factor.
- Further, as has been described above, obtaining access to a token in some cases can include obtaining a copy of the token. In other cases, obtaining access to the token may include obtaining authorization to use the token, but may not include obtaining a copy of the token. Further, in some cases, obtaining access to the token may include obtaining permission to use the token whether or not a copy of the token is obtained.
- Although merchants have been described as employees of merchant environments (e.g., retail establishments or entities), in some cases, merchants may include the merchant environment. Further, in some cases, the merchant may be a single individual, an organization, or a plurality of individuals. Moreover, the merchant may be associated with a brick-and-mortar store, a network-based (e.g., Internet-based) store, or any other provider of goods or services.
- A number of the processes described above describe one or more systems interacting with a user. For example, the
process 500 describes receiving user authentication information associated with the third-party merchant 162 at the block 502. However, in certain embodiments, some or all of the previously described processes can be performed by one or more systems interacting with one or more additional systems. For instance, again using the block 502 as an example, the user authentication information may be associated with thecomputing system 164. Alternatively, or in addition, the user authentication information may be associated with the third-party merchant 162 and may be received from thecomputing system 164, either in response to a user command or through an automated process. - A number of computing systems have been described throughout this disclosure. The descriptions of these systems are not intended to limit the teachings or applicability of this disclosure. Further, the processing of the various components of the illustrated systems can be distributed across multiple machines, networks, and other computing resources. For example, the
token access system 122, theCHD access system 124, and theauthorization factor generator 128 can each be implemented as separate servers or computing systems, or alternatively, as one server or computing system. In addition, two or more components of a system can be combined into fewer components. Further, various components of the illustrated systems can be implemented in one or more virtual machines, rather than in dedicated computer hardware systems. Likewise, the data repositories shown can represent physical and/or logical data storage, including, for example, storage area networks or other distributed storage systems. Moreover, in some embodiments the connections between the components shown represent possible paths of data flow, rather than actual connections between hardware. While some examples of possible connections are shown, any of the subset of the components shown can communicate with any other subset of components in various implementations. - Depending on the embodiment, certain acts, events, or functions of any of the algorithms described herein can be performed in a different sequence, can be added, merged, or left out all together (e.g., not all described acts or events are necessary for the practice of the algorithms). Moreover, in certain embodiments, acts or events can be performed concurrently, e.g., through multi-threaded processing, interrupt processing, or multiple processors or processor cores or on other parallel architectures, rather than sequentially. Although certain computer-implemented tasks are described as being performed by a particular entity, other embodiments are possible in which these tasks are performed by a different entity.
- Each of the various illustrated systems may be implemented as a computing system that is programmed or configured to perform the various functions described herein. The computing system may include multiple distinct computers or computing devices (e.g., physical servers, workstations, storage arrays, etc.) that communicate and interoperate over a network to perform the described functions. Each such computing device typically includes a processor (or multiple processors) that executes program instructions or modules stored in a memory or other non-transitory computer-readable storage medium. The various functions disclosed herein may be embodied in such program instructions, although some or all of the disclosed functions may alternatively be implemented in application-specific circuitry (e.g., ASICs or FPGAs) of the computer system. Where the computing system includes multiple computing devices, these devices may, but need not, be co-located. The results of the disclosed methods and tasks may be persistently stored by transforming physical storage devices, such as solid state memory chips and/or magnetic disks, into a different state. Each service described, such as those shown in
FIG. 3 , may be implemented by one or more computing devices, such as one or more physical servers programmed with associated server code. - Conditional language used herein, such as, among others, “can,” “might,” “may,” “e.g.,” and the like, unless specifically stated otherwise, or otherwise understood within the context as used, is generally intended to convey that certain embodiments include, while other embodiments do not include, certain features, elements and/or states. Thus, such conditional language is not generally intended to imply that features, elements and/or states are in any way required for one or more embodiments or that one or more embodiments necessarily include logic for deciding, with or without author input or prompting, whether these features, elements and/or states are included or are to be performed in any particular embodiment.
- While the above detailed description has shown, described, and pointed out novel features as applied to various embodiments, it will be understood that various omissions, substitutions, and changes in the form and details of the devices or algorithms illustrated can be made without departing from the spirit of the disclosure. As will be recognized, the processes described herein can be embodied within a form that does not provide all of the features and benefits set forth herein, as some features can be used or practiced separately from others. The scope of protection is defined by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.
Claims (21)
1-11. (canceled)
12. A system for sharing access to cardholder data (CHD), the system comprising:
a token access system of a first merchant environment, the token access system comprising computer hardware and configured to:
receive cardholder data (CHD) of a cardholder;
obtain a token corresponding to the CHD, the token configured as a substitute for the CHD;
discard the CHD from the token access system;
receive a request to perform a transaction at a second merchant environment associated with a third-party; and
authorize the second merchant environment to access the token enabling the third-party to use the CHD to perform the transaction without the third-party having access to the CHD.
13. The system of claim 12 , wherein the token access system is further configured to obtain the token by at least:
transmitting the CHD to a tokenization provider system configured to generate tokens corresponding to received instances of CHD; and
receiving the token from the tokenization provider system.
14. The system of claim 12 , wherein the token is generated based on the CHD.
15. The system of claim 12 , wherein the token comprises unique data configured to represent the CHD.
16. The system of claim 12 , wherein the token is formatted to mimic CHD.
17. The system of claim 12 , wherein the token access system is further configured to authorize the second merchant environment to access the token by authorizing a user of the third-party to access the token at a tokenization provider system.
18. The system of claim 17 , wherein authorizing the user of the third-party to access the token comprises enabling the third-party to use the token without providing a copy of the token to the user.
19. The system of claim 17 , wherein receiving the request to perform the transaction comprises receiving transaction details for the transaction, and wherein the token access system is further configured to perform the transaction on behalf of the third-party using the transaction details and the token.
20. The system of claim 12 , wherein the token access system is further configured to:
generate an authorization factor;
associate the authorization factor with the third-party; and
provide the authorization factor to the third-party.
21. The system of claim 20 , wherein the authorization factor comprises one or more words, numbers, symbols, images, or sounds.
22. The system of claim 20 , wherein the token access system is further configured to:
receive the authorization factor from the third-party;
determine that the third-party is authorized to access the token based at least in part on the authorization factor; and
provide access to the token to the third-party.
23. A method of sharing access to cardholder data (CHD), the method comprising:
by a token access system comprising computer hardware of a first merchant,
receiving cardholder data (CHD) of a cardholder;
obtaining a token corresponding to the CHD, the token configured as a substitute for the CHD;
removing the CHD from the token access system;
receiving a request to perform a transaction at a second merchant; and
authorizing the second merchant to access the token enabling the second merchant to use the CHD to perform the transaction without having access to the CHD.
24. The method of claim 23 , wherein obtaining the token comprises:
transmitting the CHD to a tokenization provider system configured to generate tokens corresponding to received instances of CHD; and
receiving the token from the tokenization provider system.
25. The method of claim 23 , wherein authorizing the second merchant comprises enabling the second merchant to use the token without providing a copy of the token to the second merchant.
26. The method of claim 23 , wherein the token comprises unique data configured to represent the CHD.
27. The method of claim 23 , wherein the token is formatted to be used in place of the CHD.
28. The method of claim 23 , wherein authorizing the second merchant to access the token comprises authorizing the second merchant to access the token at a tokenization provider system.
29. The method of claim 23 , further comprising:
generating an authorization factor;
associating the authorization factor with the second merchant and the token; and
providing the authorization factor to the second merchant.
30. The method of claim 29 , further comprising:
receiving the authorization factor from the second merchant;
determining that the second merchant is authorized to access the token based at least in part on the authorization factor; and
providing access to the token to the second merchant.
31. The method of claim 23 , wherein receiving the request to perform the transaction comprises receiving transaction details for the transaction, and wherein the method further comprises performing the transaction on behalf of the second merchant using the transaction details and the token.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US16/693,035 US20200234287A1 (en) | 2011-04-15 | 2019-11-22 | Method and system for utilizing authorization factor pools |
Applications Claiming Priority (7)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201161476194P | 2011-04-15 | 2011-04-15 | |
US13/303,983 US9256874B2 (en) | 2011-04-15 | 2011-11-23 | Method and system for enabling merchants to share tokens |
US201261621222P | 2012-04-06 | 2012-04-06 | |
US201261714959P | 2012-10-17 | 2012-10-17 | |
US13/797,246 US8688589B2 (en) | 2011-04-15 | 2013-03-12 | Method and system for utilizing authorization factor pools |
US13/941,282 US10515356B2 (en) | 2011-04-15 | 2013-07-12 | Method and system for utilizing authorization factor pools |
US16/693,035 US20200234287A1 (en) | 2011-04-15 | 2019-11-22 | Method and system for utilizing authorization factor pools |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/941,282 Continuation US10515356B2 (en) | 2011-04-15 | 2013-07-12 | Method and system for utilizing authorization factor pools |
Publications (1)
Publication Number | Publication Date |
---|---|
US20200234287A1 true US20200234287A1 (en) | 2020-07-23 |
Family
ID=48798050
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/797,246 Active US8688589B2 (en) | 2011-04-15 | 2013-03-12 | Method and system for utilizing authorization factor pools |
US13/941,282 Active 2036-05-01 US10515356B2 (en) | 2011-04-15 | 2013-07-12 | Method and system for utilizing authorization factor pools |
US16/693,035 Abandoned US20200234287A1 (en) | 2011-04-15 | 2019-11-22 | Method and system for utilizing authorization factor pools |
Family Applications Before (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/797,246 Active US8688589B2 (en) | 2011-04-15 | 2013-03-12 | Method and system for utilizing authorization factor pools |
US13/941,282 Active 2036-05-01 US10515356B2 (en) | 2011-04-15 | 2013-07-12 | Method and system for utilizing authorization factor pools |
Country Status (1)
Country | Link |
---|---|
US (3) | US8688589B2 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11706225B1 (en) | 2022-05-02 | 2023-07-18 | Bank Of America Corporation | System for source independent but source value dependent transfer monitoring |
Families Citing this family (151)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100805341B1 (en) * | 1999-06-18 | 2008-02-20 | 이촤지 코포레이션 | Method and apparatus for ordering goods, services and content over an internetwork using a virtual payment account |
US20140019352A1 (en) | 2011-02-22 | 2014-01-16 | Visa International Service Association | Multi-purpose virtual card transaction apparatuses, methods and systems |
US8762263B2 (en) | 2005-09-06 | 2014-06-24 | Visa U.S.A. Inc. | System and method for secured account numbers in proximity devices |
US7739169B2 (en) | 2007-06-25 | 2010-06-15 | Visa U.S.A. Inc. | Restricting access to compromised account information |
US8121956B2 (en) | 2007-06-25 | 2012-02-21 | Visa U.S.A. Inc. | Cardless challenge systems and methods |
US7937324B2 (en) | 2007-09-13 | 2011-05-03 | Visa U.S.A. Inc. | Account permanence |
US8219489B2 (en) | 2008-07-29 | 2012-07-10 | Visa U.S.A. Inc. | Transaction processing using a global unique identifier |
CA2742963A1 (en) | 2008-11-06 | 2010-05-14 | Visa International Service Association | Online challenge-response |
US9715681B2 (en) | 2009-04-28 | 2017-07-25 | Visa International Service Association | Verification of portable consumer devices |
US7891560B2 (en) | 2009-05-15 | 2011-02-22 | Visa International Service Assocation | Verification of portable consumer devices |
US9038886B2 (en) | 2009-05-15 | 2015-05-26 | Visa International Service Association | Verification of portable consumer devices |
US8602293B2 (en) | 2009-05-15 | 2013-12-10 | Visa International Service Association | Integration of verification tokens with portable computing devices |
US8893967B2 (en) | 2009-05-15 | 2014-11-25 | Visa International Service Association | Secure Communication of payment information to merchants using a verification token |
US9105027B2 (en) | 2009-05-15 | 2015-08-11 | Visa International Service Association | Verification of portable consumer device for secure services |
US10846683B2 (en) | 2009-05-15 | 2020-11-24 | Visa International Service Association | Integration of verification tokens with mobile communication devices |
US8534564B2 (en) | 2009-05-15 | 2013-09-17 | Ayman Hammad | Integration of verification tokens with mobile communication devices |
US10140598B2 (en) | 2009-05-20 | 2018-11-27 | Visa International Service Association | Device including encrypted data for expiration date and verification value creation |
US10255591B2 (en) | 2009-12-18 | 2019-04-09 | Visa International Service Association | Payment channel returning limited use proxy dynamic value |
WO2011088109A2 (en) | 2010-01-12 | 2011-07-21 | Visa International Service Association | Anytime validation for verification tokens |
US10255601B2 (en) | 2010-02-25 | 2019-04-09 | Visa International Service Association | Multifactor authentication using a directory server |
US9245267B2 (en) | 2010-03-03 | 2016-01-26 | Visa International Service Association | Portable account number for consumer payment account |
US9342832B2 (en) | 2010-08-12 | 2016-05-17 | Visa International Service Association | Securing external systems with account token substitution |
WO2012112822A2 (en) | 2011-02-16 | 2012-08-23 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
US10586227B2 (en) | 2011-02-16 | 2020-03-10 | Visa International Service Association | Snap mobile payment apparatuses, methods and systems |
SG193510A1 (en) | 2011-02-22 | 2013-10-30 | Visa Int Service Ass | Universal electronic payment apparatuses, methods and systems |
CN103503010B (en) | 2011-03-04 | 2017-12-29 | 维萨国际服务协会 | Ability to pay is bound to the safety element of computer |
WO2012142045A2 (en) | 2011-04-11 | 2012-10-18 | Visa International Service Association | Multiple tokenization for authentication |
US8688589B2 (en) | 2011-04-15 | 2014-04-01 | Shift4 Corporation | Method and system for utilizing authorization factor pools |
US9256874B2 (en) | 2011-04-15 | 2016-02-09 | Shift4 Corporation | Method and system for enabling merchants to share tokens |
US9818111B2 (en) | 2011-04-15 | 2017-11-14 | Shift4 Corporation | Merchant-based token sharing |
WO2013006725A2 (en) | 2011-07-05 | 2013-01-10 | Visa International Service Association | Electronic wallet checkout platform apparatuses, methods and systems |
US9582598B2 (en) | 2011-07-05 | 2017-02-28 | Visa International Service Association | Hybrid applications utilizing distributed models and views apparatuses, methods and systems |
US9355393B2 (en) | 2011-08-18 | 2016-05-31 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US9704155B2 (en) | 2011-07-29 | 2017-07-11 | Visa International Service Association | Passing payment tokens through an hop/sop |
US10242358B2 (en) | 2011-08-18 | 2019-03-26 | Visa International Service Association | Remote decoupled application persistent state apparatuses, methods and systems |
US9710807B2 (en) | 2011-08-18 | 2017-07-18 | Visa International Service Association | Third-party value added wallet features and interfaces apparatuses, methods and systems |
US10825001B2 (en) | 2011-08-18 | 2020-11-03 | Visa International Service Association | Multi-directional wallet connector apparatuses, methods and systems |
US9165294B2 (en) | 2011-08-24 | 2015-10-20 | Visa International Service Association | Method for using barcodes and mobile devices to conduct payment transactions |
US10223730B2 (en) | 2011-09-23 | 2019-03-05 | Visa International Service Association | E-wallet store injection search apparatuses, methods and systems |
US10223710B2 (en) | 2013-01-04 | 2019-03-05 | Visa International Service Association | Wearable intelligent vision device apparatuses, methods and systems |
RU2631983C2 (en) | 2012-01-05 | 2017-09-29 | Виза Интернэшнл Сервис Ассосиэйшн | Data protection with translation |
US9830595B2 (en) | 2012-01-26 | 2017-11-28 | Visa International Service Association | System and method of providing tokenization as a service |
AU2013214801B2 (en) | 2012-02-02 | 2018-06-21 | Visa International Service Association | Multi-source, multi-dimensional, cross-entity, multimedia database platform apparatuses, methods and systems |
US10282724B2 (en) | 2012-03-06 | 2019-05-07 | Visa International Service Association | Security system incorporating mobile device |
US10423952B2 (en) * | 2013-05-06 | 2019-09-24 | Institutional Cash Distributors Technology, Llc | Encapsulated security tokens for electronic transactions |
US10410212B2 (en) * | 2012-05-04 | 2019-09-10 | Institutional Cash Distributors Technology, Llc | Secure transaction object creation, propagation and invocation |
WO2013166501A1 (en) | 2012-05-04 | 2013-11-07 | Visa International Service Association | System and method for local data conversion |
US11334884B2 (en) * | 2012-05-04 | 2022-05-17 | Institutional Cash Distributors Technology, Llc | Encapsulated security tokens for electronic transactions |
US9524501B2 (en) | 2012-06-06 | 2016-12-20 | Visa International Service Association | Method and system for correlating diverse transaction data |
US9547769B2 (en) | 2012-07-03 | 2017-01-17 | Visa International Service Association | Data protection hub |
US9846861B2 (en) | 2012-07-25 | 2017-12-19 | Visa International Service Association | Upstream and downstream data conversion |
US9256871B2 (en) | 2012-07-26 | 2016-02-09 | Visa U.S.A. Inc. | Configurable payment tokens |
US9665722B2 (en) | 2012-08-10 | 2017-05-30 | Visa International Service Association | Privacy firewall |
WO2014043278A1 (en) | 2012-09-11 | 2014-03-20 | Visa International Service Association | Cloud-based virtual wallet nfc apparatuses, methods and systems |
US10176478B2 (en) | 2012-10-23 | 2019-01-08 | Visa International Service Association | Transaction initiation determination system utilizing transaction data elements |
US9911118B2 (en) | 2012-11-21 | 2018-03-06 | Visa International Service Association | Device pairing via trusted intermediary |
US10304047B2 (en) | 2012-12-07 | 2019-05-28 | Visa International Service Association | Token generating component |
US9741051B2 (en) | 2013-01-02 | 2017-08-22 | Visa International Service Association | Tokenization and third-party interaction |
US10740731B2 (en) | 2013-01-02 | 2020-08-11 | Visa International Service Association | Third party settlement |
US11055710B2 (en) | 2013-05-02 | 2021-07-06 | Visa International Service Association | Systems and methods for verifying and processing transactions using virtual currency |
US11410173B1 (en) * | 2013-05-07 | 2022-08-09 | Amazon Technologies, Inc. | Tokenization web services |
SG11201509386UA (en) | 2013-05-15 | 2015-12-30 | Visa Int Service Ass | Mobile tokenization hub |
US9081978B1 (en) * | 2013-05-30 | 2015-07-14 | Amazon Technologies, Inc. | Storing tokenized information in untrusted environments |
US10878422B2 (en) | 2013-06-17 | 2020-12-29 | Visa International Service Association | System and method using merchant token |
CN113469670B (en) | 2013-07-24 | 2024-04-05 | 维萨国际服务协会 | System and method for ensuring data transfer risk using tokens |
AU2014294613B2 (en) | 2013-07-26 | 2017-03-16 | Visa International Service Association | Provisioning payment credentials to a consumer |
US10496986B2 (en) | 2013-08-08 | 2019-12-03 | Visa International Service Association | Multi-network tokenization processing |
CN114819961A (en) | 2013-08-08 | 2022-07-29 | 维萨国际服务协会 | Method and system for provisioning payment credentials for mobile devices |
JP6386567B2 (en) | 2013-10-11 | 2018-09-05 | ビザ インターナショナル サービス アソシエーション | Network token system |
US9978094B2 (en) | 2013-10-11 | 2018-05-22 | Visa International Service Association | Tokenization revocation list |
US10515358B2 (en) | 2013-10-18 | 2019-12-24 | Visa International Service Association | Contextual transaction token methods and systems |
US10489779B2 (en) | 2013-10-21 | 2019-11-26 | Visa International Service Association | Multi-network token bin routing with defined verification parameters |
US10366387B2 (en) | 2013-10-29 | 2019-07-30 | Visa International Service Association | Digital wallet system and method |
CN104660549B (en) * | 2013-11-19 | 2017-12-15 | 深圳市腾讯计算机系统有限公司 | Auth method and device |
AU2014353151B2 (en) | 2013-11-19 | 2018-03-08 | Visa International Service Association | Automated account provisioning |
US9922322B2 (en) | 2013-12-19 | 2018-03-20 | Visa International Service Association | Cloud-based transactions with magnetic secure transmission |
BR112016014106A2 (en) | 2013-12-19 | 2017-08-08 | Visa Int Service Ass | METHOD FOR ENHANCED SECURITY OF A COMMUNICATION DEVICE, AND, COMMUNICATION DEVICE |
US10433128B2 (en) | 2014-01-07 | 2019-10-01 | Visa International Service Association | Methods and systems for provisioning multiple devices |
US9846878B2 (en) | 2014-01-14 | 2017-12-19 | Visa International Service Association | Payment account identifier system |
US10026087B2 (en) | 2014-04-08 | 2018-07-17 | Visa International Service Association | Data passed in an interaction |
US9942043B2 (en) | 2014-04-23 | 2018-04-10 | Visa International Service Association | Token security on a communication device |
US10997592B1 (en) | 2014-04-30 | 2021-05-04 | Wells Fargo Bank, N.A. | Mobile wallet account balance systems and methods |
US11288660B1 (en) | 2014-04-30 | 2022-03-29 | Wells Fargo Bank, N.A. | Mobile wallet account balance systems and methods |
US11610197B1 (en) | 2014-04-30 | 2023-03-21 | Wells Fargo Bank, N.A. | Mobile wallet rewards redemption systems and methods |
US11615401B1 (en) | 2014-04-30 | 2023-03-28 | Wells Fargo Bank, N.A. | Mobile wallet authentication systems and methods |
US9652770B1 (en) | 2014-04-30 | 2017-05-16 | Wells Fargo Bank, N.A. | Mobile wallet using tokenized card systems and methods |
US11748736B1 (en) | 2014-04-30 | 2023-09-05 | Wells Fargo Bank, N.A. | Mobile wallet integration within mobile banking |
US11461766B1 (en) | 2014-04-30 | 2022-10-04 | Wells Fargo Bank, N.A. | Mobile wallet using tokenized card systems and methods |
US11030587B2 (en) * | 2014-04-30 | 2021-06-08 | Mastercard International Incorporated | Systems and methods for providing anonymized transaction data to third-parties |
SG11201608973TA (en) | 2014-05-01 | 2016-11-29 | Visa Int Service Ass | Data verification using access device |
KR20160146784A (en) | 2014-05-05 | 2016-12-21 | 비자 인터네셔널 서비스 어소시에이션 | System and method for token domain control |
EP3146747B1 (en) | 2014-05-21 | 2020-07-01 | Visa International Service Association | Offline authentication |
US11023890B2 (en) | 2014-06-05 | 2021-06-01 | Visa International Service Association | Identification and verification for provisioning mobile application |
US9780953B2 (en) | 2014-07-23 | 2017-10-03 | Visa International Service Association | Systems and methods for secure detokenization |
US10484345B2 (en) | 2014-07-31 | 2019-11-19 | Visa International Service Association | System and method for identity verification across mobile applications |
US10445739B1 (en) | 2014-08-14 | 2019-10-15 | Wells Fargo Bank, N.A. | Use limitations for secondary users of financial accounts |
US9775029B2 (en) | 2014-08-22 | 2017-09-26 | Visa International Service Association | Embedding cloud-based functionalities in a communication device |
EP3189414A4 (en) * | 2014-08-22 | 2018-04-18 | Priv8Pay, Inc. | Verification system for secure transmission in a distributed processing network |
US10140615B2 (en) | 2014-09-22 | 2018-11-27 | Visa International Service Association | Secure mobile device credential provisioning using risk decision non-overrides |
EP3198907B1 (en) | 2014-09-26 | 2019-04-10 | Visa International Service Association | Remote server encrypted data provisioning system and methods |
US11257074B2 (en) | 2014-09-29 | 2022-02-22 | Visa International Service Association | Transaction risk based token |
US10015147B2 (en) | 2014-10-22 | 2018-07-03 | Visa International Service Association | Token enrollment system and method |
GB201419016D0 (en) | 2014-10-24 | 2014-12-10 | Visa Europe Ltd | Transaction Messaging |
US10325261B2 (en) | 2014-11-25 | 2019-06-18 | Visa International Service Association | Systems communications with non-sensitive identifiers |
SG11201702763TA (en) | 2014-11-26 | 2017-05-30 | Visa Int Service Ass | Tokenization request via access device |
US10257185B2 (en) | 2014-12-12 | 2019-04-09 | Visa International Service Association | Automated access data provisioning |
CN107005563B (en) | 2014-12-12 | 2021-03-30 | 维萨国际服务协会 | Supply platform for machine-to-machine devices |
US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
US10096009B2 (en) | 2015-01-20 | 2018-10-09 | Visa International Service Association | Secure payment processing using authorization request |
US11250391B2 (en) | 2015-01-30 | 2022-02-15 | Visa International Service Association | Token check offline |
WO2016126729A1 (en) | 2015-02-03 | 2016-08-11 | Visa International Service Association | Validation identity tokens for transactions |
US10977657B2 (en) | 2015-02-09 | 2021-04-13 | Visa International Service Association | Token processing utilizing multiple authorizations |
US11853919B1 (en) | 2015-03-04 | 2023-12-26 | Wells Fargo Bank, N.A. | Systems and methods for peer-to-peer funds requests |
US10164996B2 (en) | 2015-03-12 | 2018-12-25 | Visa International Service Association | Methods and systems for providing a low value token buffer |
US11429975B1 (en) * | 2015-03-27 | 2022-08-30 | Wells Fargo Bank, N.A. | Token management system |
SG10201908338TA (en) | 2015-04-10 | 2019-10-30 | Visa Int Service Ass | Browser integration with cryptogram |
US9998978B2 (en) | 2015-04-16 | 2018-06-12 | Visa International Service Association | Systems and methods for processing dormant virtual access devices |
US10552834B2 (en) | 2015-04-30 | 2020-02-04 | Visa International Service Association | Tokenization capable authentication framework |
WO2017066792A1 (en) | 2015-10-15 | 2017-04-20 | Visa International Service Association | Instant token issuance system |
US10664843B2 (en) | 2015-12-04 | 2020-05-26 | Visa International Service Association | Unique code for token verification |
AU2017206119B2 (en) | 2016-01-07 | 2020-10-29 | Visa International Service Association | Systems and methods for device push provisioning |
US11042878B2 (en) | 2016-01-19 | 2021-06-22 | Priv8Pay, Inc. | Network node authentication |
AU2017214412A1 (en) | 2016-02-01 | 2018-06-28 | Visa International Service Association | Systems and methods for code display and use |
US11501288B2 (en) | 2016-02-09 | 2022-11-15 | Visa International Service Association | Resource provider account token provisioning and processing |
US10313321B2 (en) | 2016-04-07 | 2019-06-04 | Visa International Service Association | Tokenization of co-network accounts |
CN109074578A (en) | 2016-04-19 | 2018-12-21 | 维萨国际服务协会 | System and method for executing push transaction |
US11250424B2 (en) | 2016-05-19 | 2022-02-15 | Visa International Service Association | Systems and methods for creating subtokens using primary tokens |
RU2018144220A (en) | 2016-06-03 | 2020-07-09 | Виза Интернэшнл Сервис Ассосиэйшн | SUB-TOKEN MANAGEMENT SYSTEM FOR CONNECTED DEVICES |
US11068899B2 (en) | 2016-06-17 | 2021-07-20 | Visa International Service Association | Token aggregation for multi-party transactions |
AU2017281938A1 (en) | 2016-06-24 | 2018-10-25 | Visa International Service Association | Unique token authentication cryptogram |
BR112018076196A2 (en) | 2016-07-11 | 2019-03-26 | Visa International Service Association | method, and portable communication and access devices. |
CA3026224A1 (en) | 2016-07-19 | 2018-01-25 | Visa International Service Association | Method of distributing tokens and managing token relationships |
US10509779B2 (en) | 2016-09-14 | 2019-12-17 | Visa International Service Association | Self-cleaning token vault |
CN110036386B (en) | 2016-11-28 | 2023-08-22 | 维萨国际服务协会 | Access identifier supplied to application program |
US10915899B2 (en) | 2017-03-17 | 2021-02-09 | Visa International Service Association | Replacing token on a multi-token user device |
US10902418B2 (en) | 2017-05-02 | 2021-01-26 | Visa International Service Association | System and method using interaction token |
US11494765B2 (en) | 2017-05-11 | 2022-11-08 | Visa International Service Association | Secure remote transaction system using mobile devices |
US10491389B2 (en) | 2017-07-14 | 2019-11-26 | Visa International Service Association | Token provisioning utilizing a secure authentication system |
US20190220850A1 (en) * | 2018-01-12 | 2019-07-18 | Mastercard International Incorporated | Systems and Methods for Use in Pairing Electronic Wallets |
EP3762844A4 (en) | 2018-03-07 | 2021-04-21 | Visa International Service Association | Secure remote token release with online authentication |
US10915897B2 (en) * | 2018-06-13 | 2021-02-09 | Clover Network, Inc. | Token management for enhanced omni-channel payments experience and analytics |
US11256789B2 (en) | 2018-06-18 | 2022-02-22 | Visa International Service Association | Recurring token transactions |
US11651369B2 (en) * | 2018-07-12 | 2023-05-16 | American Express Travel Related Services Company, Inc. | Remote EMV payment applications |
US11777934B2 (en) | 2018-08-22 | 2023-10-03 | Visa International Service Association | Method and system for token provisioning and processing |
US12045809B1 (en) | 2018-08-30 | 2024-07-23 | Wells Fargo Bank, N.A. | Biller consortium enrollment and transaction management engine |
US11182746B2 (en) * | 2018-09-17 | 2021-11-23 | Servicenow, Inc. | Systems and methods for integrating third-party services with a client instance |
SG11202103377WA (en) | 2018-10-08 | 2021-04-29 | Visa Int Service Ass | Techniques for token proximity transactions |
WO2020102484A1 (en) | 2018-11-14 | 2020-05-22 | Visa International Service Association | Cloud token provisioning of multiple tokens |
SG11202108626QA (en) | 2019-05-17 | 2021-09-29 | Visa Int Service Ass | Virtual access credential interaction system and method |
US11551190B1 (en) | 2019-06-03 | 2023-01-10 | Wells Fargo Bank, N.A. | Instant network cash transfer at point of sale |
US11995621B1 (en) | 2021-10-22 | 2024-05-28 | Wells Fargo Bank, N.A. | Systems and methods for native, non-native, and hybrid registration and use of tags for real-time services |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040148290A1 (en) * | 2000-05-02 | 2004-07-29 | International Business Machines Corporation | Method, system and program product for private data access or use based on related public data |
US20040153451A1 (en) * | 2002-11-15 | 2004-08-05 | John Phillips | Methods and systems for sharing data |
US20090183250A1 (en) * | 2008-01-15 | 2009-07-16 | Noriaki Harada | Apparatus, system, and method for transferring authority |
US20110161233A1 (en) * | 2009-12-30 | 2011-06-30 | First Data Corporation | Secure transaction management |
US8655719B1 (en) * | 2007-07-25 | 2014-02-18 | Hewlett-Packard Development Company, L.P. | Mediating customer-driven exchange of access to personal data for personalized merchant offers |
Family Cites Families (43)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4528643A (en) | 1983-01-10 | 1985-07-09 | Fpdc, Inc. | System for reproducing information in material objects at a point of sale location |
US5961593A (en) | 1997-01-22 | 1999-10-05 | Lucent Technologies, Inc. | System and method for providing anonymous personalized browsing by a proxy system in a network |
US20020133412A1 (en) | 1997-03-07 | 2002-09-19 | David M. Oliver | System for management of transactions on networks |
US6523041B1 (en) | 1997-07-29 | 2003-02-18 | Acxiom Corporation | Data linking system and method using tokens |
US6636833B1 (en) * | 1998-03-25 | 2003-10-21 | Obis Patents Ltd. | Credit card system and method |
US6327578B1 (en) | 1998-12-29 | 2001-12-04 | International Business Machines Corporation | Four-party credit/debit payment protocol |
WO2001001280A2 (en) | 1999-06-30 | 2001-01-04 | Catalog City, Inc. | Method and system for sharing cookie information during internet transactions |
US20020152180A1 (en) | 1999-09-10 | 2002-10-17 | Paul Turgeon | System and method for performing secure remote real-time financial transactions over a public communications infrastructure with strong authentication |
US7328189B2 (en) | 2000-01-26 | 2008-02-05 | Paybyclick Corporation | Method and apparatus for conducting electronic commerce transactions using electronic tokens |
US6938019B1 (en) | 2000-08-29 | 2005-08-30 | Uzo Chijioke Chukwuemeka | Method and apparatus for making secure electronic payments |
US7225156B2 (en) * | 2001-07-11 | 2007-05-29 | Fisher Douglas C | Persistent dynamic payment service |
GB0204620D0 (en) | 2002-02-28 | 2002-04-10 | Europay Internat N V | Chip authentication programme |
KR100450402B1 (en) | 2002-04-17 | 2004-09-30 | 한국전자통신연구원 | Access control method by a token with security attributes in computer system |
EP1644861A4 (en) * | 2003-07-02 | 2009-05-13 | Visa Int Service Ass | Managing activation of cardholders in a secure authentication program |
US7039611B2 (en) * | 2003-11-06 | 2006-05-02 | Visa U.S.A., Inc. | Managing attempts to initiate authentication of electronic commerce card transactions |
JP4245523B2 (en) | 2004-07-02 | 2009-03-25 | 日本電信電話株式会社 | Electronic right assignment processing method, electronic right assignment management system and apparatus, and program |
WO2006004441A2 (en) | 2004-07-05 | 2006-01-12 | Eftwire Limited | Electronic banking |
US7548889B2 (en) * | 2005-01-24 | 2009-06-16 | Microsoft Corporation | Payment information security for multi-merchant purchasing environment for downloadable products |
JP5207965B2 (en) | 2005-05-06 | 2013-06-12 | ベリサイン・インコーポレイテッド | Token sharing system and method |
US20060282372A1 (en) | 2005-06-09 | 2006-12-14 | Endres Timothy G | Method to secure credit card information stored electronically |
JP4766249B2 (en) | 2006-03-01 | 2011-09-07 | 日本電気株式会社 | Token transfer method, token transfer system, and authority authentication permission server |
US7554987B2 (en) * | 2006-10-10 | 2009-06-30 | Motorola, Inc. | Quality of service modification using a token in a communication network |
US20080208697A1 (en) | 2007-02-23 | 2008-08-28 | Kargman James B | Secure system and method for payment card and data storage and processing via information splitting |
GB0706286D0 (en) | 2007-03-30 | 2007-05-09 | Elliott Antony W | Token transfer |
DE602007012538D1 (en) | 2007-07-27 | 2011-03-31 | Ntt Docomo Inc | Method and apparatus for performing delegated transactions |
US9348991B2 (en) * | 2008-05-20 | 2016-05-24 | International Business Machines Corporation | User management of authentication tokens |
US8651374B2 (en) | 2008-06-02 | 2014-02-18 | Sears Brands, L.L.C. | System and method for payment card industry enterprise account number elimination |
US7694130B1 (en) * | 2008-09-12 | 2010-04-06 | Michael Anthony Martinez | System and method to authenticate a user utilizing a time-varying auxiliary code |
US8612305B2 (en) * | 2008-10-31 | 2013-12-17 | Visa International Service Association | User enhanced authentication system for online purchases |
US8434131B2 (en) | 2009-03-20 | 2013-04-30 | Commvault Systems, Inc. | Managing connections in a data storage system |
US20100276484A1 (en) | 2009-05-01 | 2010-11-04 | Ashim Banerjee | Staged transaction token for merchant rating |
WO2011146711A1 (en) | 2010-05-21 | 2011-11-24 | Hsbc Technologies Inc. | Account opening computer system architecture and process for implementing same |
US9342832B2 (en) | 2010-08-12 | 2016-05-17 | Visa International Service Association | Securing external systems with account token substitution |
WO2012142045A2 (en) * | 2011-04-11 | 2012-10-18 | Visa International Service Association | Multiple tokenization for authentication |
US8688589B2 (en) | 2011-04-15 | 2014-04-01 | Shift4 Corporation | Method and system for utilizing authorization factor pools |
US9256874B2 (en) | 2011-04-15 | 2016-02-09 | Shift4 Corporation | Method and system for enabling merchants to share tokens |
US9818111B2 (en) | 2011-04-15 | 2017-11-14 | Shift4 Corporation | Merchant-based token sharing |
EP2697756A4 (en) | 2011-04-15 | 2014-09-10 | Shift4 Corp | Method and system for enabling merchants to share tokens |
US8898628B2 (en) | 2011-09-23 | 2014-11-25 | Ahmad RAZA | Method and an apparatus for developing software |
US9407626B2 (en) * | 2011-09-29 | 2016-08-02 | Red Hat, Inc. | Security token management service hosting in application server |
US20130185210A1 (en) | 2011-10-21 | 2013-07-18 | The Board of Trustees of the Leland Stanford, Junior, University | Method and System for Making Digital Payments |
US9830595B2 (en) * | 2012-01-26 | 2017-11-28 | Visa International Service Association | System and method of providing tokenization as a service |
US8595850B2 (en) * | 2012-01-30 | 2013-11-26 | Voltage Security, Inc. | System for protecting sensitive data with distributed tokenization |
-
2013
- 2013-03-12 US US13/797,246 patent/US8688589B2/en active Active
- 2013-07-12 US US13/941,282 patent/US10515356B2/en active Active
-
2019
- 2019-11-22 US US16/693,035 patent/US20200234287A1/en not_active Abandoned
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040148290A1 (en) * | 2000-05-02 | 2004-07-29 | International Business Machines Corporation | Method, system and program product for private data access or use based on related public data |
US20040153451A1 (en) * | 2002-11-15 | 2004-08-05 | John Phillips | Methods and systems for sharing data |
US8655719B1 (en) * | 2007-07-25 | 2014-02-18 | Hewlett-Packard Development Company, L.P. | Mediating customer-driven exchange of access to personal data for personalized merchant offers |
US20090183250A1 (en) * | 2008-01-15 | 2009-07-16 | Noriaki Harada | Apparatus, system, and method for transferring authority |
US20110161233A1 (en) * | 2009-12-30 | 2011-06-30 | First Data Corporation | Secure transaction management |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11706225B1 (en) | 2022-05-02 | 2023-07-18 | Bank Of America Corporation | System for source independent but source value dependent transfer monitoring |
Also Published As
Publication number | Publication date |
---|---|
US10515356B2 (en) | 2019-12-24 |
US20130191289A1 (en) | 2013-07-25 |
US20130304649A1 (en) | 2013-11-14 |
US8688589B2 (en) | 2014-04-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20200234287A1 (en) | Method and system for utilizing authorization factor pools | |
US11538026B2 (en) | Method and system for enabling merchants to share tokens | |
US9818111B2 (en) | Merchant-based token sharing | |
CA2832754C (en) | Method and system for enabling merchants to share tokens | |
US11936644B2 (en) | Verifying party identities for secure transactions | |
US20190044700A1 (en) | Registry blockchain architecture | |
US20170201518A1 (en) | Method and system for real-time authentication of user access to a resource | |
US11750385B2 (en) | System and method for authenticating a user | |
US20130226813A1 (en) | Cyberspace Identification Trust Authority (CITA) System and Method | |
US9256724B2 (en) | Method and system for authorizing an action at a site | |
US20140223520A1 (en) | Guardian control over electronic actions | |
US9294918B2 (en) | Method and system for secure remote login of a mobile device | |
US20210312576A1 (en) | System for authenticating patron computing device and allowing ordering food therefrom at restaurant | |
JPWO2010016163A1 (en) | Batch stop processing / settlement proxy processing server device and program | |
JP2014056550A (en) | User information management device, user information management method, and user information management program | |
US20240205218A1 (en) | Verifying party identities for secure transactions | |
US8613105B2 (en) | Method and apparatus for storing confidential information | |
US20210133760A1 (en) | Multi-factor authentication for business to consumer transactions | |
US11893570B1 (en) | Token based demand and remand system | |
WO2021211557A1 (en) | Health pass systems and methods | |
JP5410712B2 (en) | Account information management system, management method, and computer program | |
US11695548B1 (en) | Systems and methods for network authentication with a shared secret | |
US20240146795A1 (en) | Sharing contact informataion | |
US20230421399A1 (en) | Cross chain access granting to applications | |
US20150269662A1 (en) | Method and apparatus for verifying a validity of communication from a fraud detection service |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |