-
公开(公告)号:US20190172061A1
公开(公告)日:2019-06-06
申请号:US16266571
申请日:2019-02-04
发明人: Michael A. Keresman, III , Chandra Balasubramanian , Gary Bender , Mark Carlson , Ed Katzin , Francis M. Sherwin
摘要: A method for obscuring a value of a sensitive data element includes: (a) receiving the sensitive data element, the sensitive data element being received over a data communications network (110) at a hardware computing device (142) of a trusted tokenization service provider (140); (b) generating a token corresponding to the received sensitive data element; (c) storing the token and sensitive data element in a memory device (146) such that they are correlated with one another; (d) providing the generated token to a first party (130) that uses the token in place of the sensitive data element in a request for authorization to complete a transaction, the request being sent from the first party (130); (e) intercepting the request for authorization including the token; (f) using the token contained in the intercepted request to look-up and retrieve the correlated sensitive data element in the memory device (160); (g) replacing the token contained in the request with the sensitive data element retrieved from the memory device (160); and (h) forwarding the request containing the sensitive data element to a second party (160 and/or 162) which employs the sensitive data element to determine whether completion of the transaction should be authorized or declined.
-
公开(公告)号:US10210511B2
公开(公告)日:2019-02-19
申请号:US14472874
申请日:2014-08-29
摘要: A method is provided for completing an authenticated commercial transaction over an internet protocol (IP) network (40) for an account holder (60) engaged in the transaction via a non-IP based telecommunications platform (30). The method includes: receiving a first message from the account holder (60) via the non-IP based telecommunications platform (30), the first message triggering authentication of the account holder (60) and being in a first communication format; establishing account information for a payment instrument being used in the transaction based upon content in the first message; generating a second message using a second communication format different from the first format, the second message including the established account information; submitting the second message via the IP network (40) to a network entity (110, 200) such that an authentication document is generated (120), the authentication document (120) containing an input field (122); generating a third message using the first format, the third message being submitted to the account holder (60) via the non-IP based telecommunications platform (30) such that the account holder (60) is prompted to enter a security code; receiving a fourth message containing the entered security code from the account holder (60) via the non-IP based telecommunications platform (30), the fourth message being in the first format; and, accessing the authentication document (120) via the IP network (40) to fill-in the input field (122) of the authentication document (120) with the security code contained in the fourth message.
-
公开(公告)号:US20220005030A1
公开(公告)日:2022-01-06
申请号:US17478158
申请日:2021-09-17
发明人: Erik Nils Enright , Adam Ratica , Michael A. Keresman, III , Francis M. Sherwin , Chandra S. Balasubramanian
摘要: A system of electronic communication is disclosed. The system may: create a Pre-Authentication Transaction Number (Pre-ATN) by combining a number with a Special Encode Value (SEV), wherein the SEV is a single digit integer value; encrypt the Pre-ATN using a Format Preserving Encryption (FPE) to generate an encrypted Authentication Transaction Number (ATN); and send the encrypted ATN to an access control server (ACS) to use the encrypted ATN to generate a cardholder Authentication Verification Value (CAVV) or an Accountholder Authentication Value (AAV).
-
公开(公告)号:US10223695B2
公开(公告)日:2019-03-05
申请号:US16009476
申请日:2018-06-15
发明人: Ravishankar S. Bhagavatula , Chandra Balasubramanian , Francis M. Sherwin , Michael A. Keresman, III , Jeffry J. Bowman
摘要: A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user's identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user's identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.
-
公开(公告)号:US20180300726A1
公开(公告)日:2018-10-18
申请号:US16009476
申请日:2018-06-15
发明人: Ravishankar S. Bhagavatula , Chandra Balasubramanian , Francis M. Sherwin , Michael A. Keresman, III , Jeffry J. Bowman
CPC分类号: G06Q20/4014 , G06F21/31 , G06F21/445 , G06Q30/06 , H04L63/08 , H04L63/083
摘要: A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user's identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user's identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.
-
公开(公告)号:US10032165B2
公开(公告)日:2018-07-24
申请号:US14026326
申请日:2013-09-13
发明人: Ravishankar S. Bhagavatula , Chandra Balasubramanian , Francis M. Sherwin , Michael A. Keresman, III , Jeffry J. Bowman
摘要: A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user's identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user's identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.
-
公开(公告)号:US09990627B2
公开(公告)日:2018-06-05
申请号:US14026299
申请日:2013-09-13
发明人: Ravishankar S. Bhagavatula , Chandra Balasubramanian , Francis M. Sherwin , Michael A. Keresman, III , Jeffry J. Bowman
CPC分类号: G06Q20/4014 , G06F21/31 , G06F21/445 , G06Q30/06 , H04L63/08 , H04L63/083
摘要: A method of centralized identity authentication for use in connection with a communications network includes registering users of the communications network such that each registered user's identity is uniquely defined and determinable, and registering a plurality of vendors having a presence on the communications network. The registered vendors selectively transact with registered users, wherein the transactions include: (i) the registered vendor selling goods and/or services to the registered user; (ii) the registered vendor granting the registered user access to personal records maintained by the registered vendor; and/or (iii) the registered vendor communicating to the registered user personal information maintained by the registered vendor. The method also includes each user's identity being authenticated over the communications network prior to completion of transactions between registered vendors and registered users.
-
公开(公告)号:US20170017959A1
公开(公告)日:2017-01-19
申请号:US15213197
申请日:2016-07-18
发明人: Michael A. Keresman, III , Francis M. Sherwin , Chandra Balasubramanian , Gary Bender , Ed Katzin , Mark Carlson
CPC分类号: G06Q20/40 , G06Q20/02 , G06Q20/382 , G06Q20/385 , H04L63/0428
摘要: A method for obscuring a value of a sensitive data element includes: (a) receiving the sensitive data element, the sensitive data element being received over a data communications network (110) at a hardware computing device (142) of a trusted tokenization service provider (140); (b) generating a token corresponding to the received sensitive data element; (c) storing the token and sensitive data element in a memory device (146) such that they are correlated with one another; (d) providing the generated token to a first party (130) that uses the token in place of the sensitive data element in a request for authorization to complete a transaction, the request being sent from the first party (130); (e) intercepting the request for authorization including the token; (f) using the token contained in the intercepted request to look-up and retrieve the correlated sensitive data element in the memory device (160); (g) replacing the token contained in the request with the sensitive data element retrieved from the memory device (160); and (h) forwarding the request containing the sensitive data element to a second party (160 and/or 162) which employs the sensitive data element to determine whether completion of the transaction should be authorized or declined.
摘要翻译: 用于遮蔽敏感数据元素的值的方法包括:(a)接收敏感数据元素,敏感数据元素在可信赖标记服务提供商的硬件计算设备(142)处通过数据通信网络(110)接收, (140); (b)产生对应于所接收的敏感数据元素的令牌; (c)将令牌和敏感数据元素存储在存储设备(146)中,使得它们彼此相关; (d)将所生成的令牌提供给第一方(130),所述第一方(130)在第一方(130)发送所述请求以在完成交易的请求中使用所述令牌代替所述敏感数据元素。 (e)截取包括令牌在内的授权请求; (f)使用包含在截取的请求中的令牌来查找和检索存储器件(160)中的相关敏感数据元素; (g)用从所述存储设备(160)检索的所述敏感数据元素替换所述请求中包含的令牌; 以及(h)将包含敏感数据元素的请求转发给使用敏感数据元素的第二方(160和/或162),以确定交易的完成是否应被授权或拒绝。
-
公开(公告)号:US11195173B2
公开(公告)日:2021-12-07
申请号:US15650510
申请日:2017-07-14
发明人: Erik Nils Enright , Adam Ratica , Michael A. Keresman, III , Francis M. Sherwin , Chandra S. Balasubramanian
摘要: A system of electronic communication is disclosed. The system may: create a Pre-Authentication Transaction Number (Pre-ATN) by combining a number with a Special Encode Value (SEV), wherein the SEV is a single digit integer value; encrypt the Pre-ATN using a Format Preserving Encryption (FPE) to generate an encrypted Authentication Transaction Number (ATN); and send the encrypted ATN to an access control server (ACS) to use the encrypted ATN to generate a cardholder Authentication Verification Value (CAVV) or an Accountholder Authentication Value (AAV).
-
公开(公告)号:US20210150525A1
公开(公告)日:2021-05-20
申请号:US17160984
申请日:2021-01-28
发明人: Michael A. Keresman, III , Chandra Balasubramanian , Gary Bender , Mark Carlson , Edward Katzin , Francis M. Sherwin
摘要: A method for obscuring a value of a sensitive data element includes: (a) receiving the sensitive data element, the sensitive data element being received over a data communications network (110) at a hardware computing device (142) of a trusted tokenization service provider (140); (b) generating a token corresponding to the received sensitive data element; (c) storing the token and sensitive data element in a memory device (146) such that they are correlated with one another; (d) providing the generated token to a first party (130) that uses the token in place of the sensitive data element in a request for authorization to complete a transaction, the request being sent from the first party (130); (e) intercepting the request for authorization including the token; (f) using the token contained in the intercepted request to look-up and retrieve the correlated sensitive data element in the memory device (160); (g) replacing the token contained in the request with the sensitive data element retrieved from the memory device (160); and (h) forwarding the request containing the sensitive data element to a second party (160 and/or 162) which employs the sensitive data element to determine whether completion of the transaction should be authorized or declined.
-
-
-
-
-
-
-
-
-