Search

US-12619993-B2 - Token management system

US12619993B2US 12619993 B2US12619993 B2US 12619993B2US-12619993-B2

Abstract

A computer system includes a token repository configured to store payment tokens, and a server system. The server system includes a processor and instructions stored in non-transitory machine-readable media, the instructions configured to cause the server system to receive a request to provision a payment token based on a financial product, wherein the request includes information related to the financial product, provision a payment token based on the token request, including authenticating the financial product based on the financial product information and generating the payment token upon authenticating the financial product, wherein the payment token is useable to make a payment via the financial product, and store the payment token in the token repository.

Inventors

  • Azita Asefi
  • Jorge Michirefe
  • Al Hecht
  • Steve Puffer
  • Peter Ho

Assignees

  • WELLS FARGO BANK, N.A.

Dates

Publication Date
20260505
Application Date
20240826

Claims (20)

  1. 1 . A computer system, comprising: a database configured to store tokens; and a server system configured to: provision a token based on a corresponding request and associated non-payment information; provide the token to a first third-party system of a first third-party; receive the token from the first third-party system; receive a notification that the token has been sent to a second third-party; receive the token from a second third-party system of the second third-party; receive identifying information associated with the second third-party and information regarding an intended use of the non-payment information; and determine, based on the identifying information, that the second third-party is authorized to access the non-payment information for the intended use.
  2. 2 . The computer system of claim 1 , wherein the non-payment information comprises personal information of an account holder.
  3. 3 . The computer system of claim 2 , wherein the personal information includes one or more of address information or a personal identification number.
  4. 4 . The computer system of claim 1 , wherein the server system is further configured to: determine that the first third-party is not allowed to use the non-payment information and refrain from de-tokenizing the token.
  5. 5 . The computer system of claim 1 , wherein the server system is further configured to: receive an access request including the token, wherein the access request includes a request to allow access to the non-payment information to an intended party system but not allow access to the non-payment information to an intermediary system; and provide the non-payment information to the intended party system in accordance with the access request.
  6. 6 . The computer system of claim 1 , wherein the server system is further configured to: filter, based on an input provided by the second third-party, the non-payment information to omit at least one character from the non-payment information, wherein the token does not include the omitted at least one character.
  7. 7 . The computer system of claim 1 , wherein the server system is further configured to: group the non-payment information into a plurality of groups according to a plurality of intended uses; and automatically generate a plurality of group tokens, wherein each of the plurality of automatically generated group tokens is associated with one of the plurality of intended uses based on the grouped non-payment information.
  8. 8 . The computer system of claim 7 , wherein the token is one of the plurality of group tokens, and wherein the server system is further configured to: in response to determining that a merchant is allowed to use the one of the plurality of group tokens, de-tokenize the one of the plurality of group tokens to determine updated grouped non-payment information associated with the one of the plurality of group tokens; and transmit the updated grouped non-payment information to the merchant in accordance with a corresponding rule specifying information that may be transmitted to the merchant.
  9. 9 . The computer system of claim 8 , wherein the updated grouped non-payment information comprises a plurality of information required for the intended use.
  10. 10 . The computer system of claim 9 , wherein the intended use comprises at least one of purchasing a car, purchasing a home, applying for college, or applying for rental housing.
  11. 11 . A method of provisioning tokens, comprising: provisioning, by a computer system, a token based on a corresponding request and associated non-payment information; providing, by the computer system, the token to a first third-party system of a first third-party; receiving the token from the first third-party system of the first third-party; receiving a notification that the token has been sent by the first third-party to a second third-party; receiving the token from a second third-party system of the second third-party; receiving, from the second third-party, identifying information associated with the second third-party and information regarding an intended use of the non-payment information; and determining, based on the identifying information, that the second third-party is authorized to access the non-payment information for the intended use.
  12. 12 . The method of claim 11 , wherein the non-payment information comprises personal information of an account holder.
  13. 13 . The method of claim 12 , wherein the personal information includes one or more of address information or a personal identification number.
  14. 14 . The method of claim 11 , further comprising: determining that the first third-party is not allowed to use the non-payment information and refraining from de-tokenizing the token.
  15. 15 . The method of claim 11 , further comprising: receiving, by the computer system, an access request including the token, wherein the access request includes a request to allow access to the non-payment information to an intended party system but not allow access to the non-payment information to an intermediary system; and providing, by the computer system, the non-payment information to the intended party system in accordance with the access request.
  16. 16 . The method of claim 11 , further comprising: grouping, by the computer system, the non-payment information into a plurality of groups according to a plurality of intended uses; and automatically generating, by the computer system, a plurality of group tokens, wherein each of the plurality of automatically generated group tokens is associated with one of the plurality of intended uses based on the grouped non-payment information.
  17. 17 . The method of claim 11 , further comprising: filtering, by the computer system based on an input provided by the second third-party, the non-payment information to omit at least one character from the non-payment information, wherein the token does not include the omitted at least one character.
  18. 18 . A non-transitory computer readable media having computer-executable instructions embodied therein that, when executed by a processor of a computing system, cause the computing system to perform operations comprising: provisioning a token based on a corresponding request and associated non-payment information; providing the token to a first third-party system of a first third-party; receiving the token from the first third-party system of the first third-party; receiving a notification that the token has been sent by the first third-party to a second third-party; receiving the token from a second third-party system of the second third-party; receiving, from the second third-party, identifying information associated with the second third-party and information regarding an intended use of the non-payment information; and determining, based on the identifying information, that the second third-party is authorized to access the non-payment information for the intended use.
  19. 19 . The non-transitory computer readable media of claim 18 , the operations further comprising: grouping the non-payment information into a plurality of groups according to a plurality of intended uses; and automatically generating a plurality of group tokens, wherein each of the plurality of automatically generated group tokens is associated with one of the plurality of intended uses based on the grouped non-payment information.
  20. 20 . The non-transitory computer readable media of claim 18 , the operations further comprising: filtering, based on an input provided by the second third-party, the non-payment information to omit at least one character from the non-payment information, wherein the token does not include the omitted at least one character.

Description

CROSS-REFERENCE TO RELATED APPLICATION This application is a continuation of U.S. patent application Ser. No. 18/197,276, filed May 15, 2023, which is a continuation of U.S. patent application Ser. No. 15/353,586, filed Nov. 16, 2016, which is a continuation of U.S. patent application Ser. No. 15/081,536, filed Mar. 25, 2016, which claims the benefit of priority to U.S. Provisional Patent Application No. 62/139,525, filed on Mar. 27, 2015, each of which are hereby incorporated by reference in their respective entireties. BACKGROUND The present disclosure relates generally to the field of tokenization. More particularly, the present disclosure relates to systems and methods for storing and managing electronic tokens. Tokenization is often used to replace sensitive information with a non-sensitive equivalent having limited extrinsic value (i.e., an electronic token). The electronic token may then be resolved by a central entity in order to derive the sensitive information. For instance, an electronic token may be used in place of credit card information to initiate payment activity. A merchant receiving such an electronic payment token may provide the token to a central entity and receive account information for processing the payment based on the token. Along with providing improved security for electronic transactions, electronic tokens may also provide enhanced transaction efficiency, increase service transparency, and enable various third party payment methods. Various financial networks utilize tokenization for card accounts to initiate secured payments via tokens. Upon issuing the token, the financial network may store the issued token and any associated card account information within a storage location (i.e., a token vault). However, the data structure for each storage location is not consistent and the functionality varies between financial networks. Thus, it may be difficult for the financial networks and associated financial institutions to access authorized information stored across multiple storage locations, such as to provision a token or perform token life cycle management actions. Further, storage locations supported by the financial networks may not support tokenization of non-card domains, such as demand deposit accounts (DDAs) or Automated Clearing House (ACH) transactions. SUMMARY One embodiment of the present disclosure relates to a computer system. The computer system includes a token repository configured to store payment tokens, and a server system. The server system includes a processor and instructions stored in non-transitory machine-readable media, the instructions configured to cause the server system to receive a request to provision a payment token based on a financial product, wherein the request includes information related to the financial product, provision a payment token based on the token request, including authenticating the financial product based on the financial product information and generating the payment token upon authenticating the financial product, wherein the payment token is useable to make a payment via the financial product, and store the payment token in the token repository. Another embodiment of the present disclosure relates to a computer system. The computer system includes a token repository configured to store payment tokens, and a server system. The server system includes a processor and instructions stored in non-transitory machine-readable media, the instructions configured to cause the server system to receive information related to a payment token stored in the token repository, update the status of the stored payment token based on the information, and upon updating the status of the payment token, send a notification to a user of the payment token indicating that the status of the stored payment token has been updated. Another embodiment of the present disclosure relates to a computer system. The computer system includes a token repository configured to store a payment token, and a server system. The server system includes a processor and instructions stored in non-transitory machine-readable media, the instructions configured to cause the server system to receive a request to authorize a transaction from a requesting entity, wherein the transaction was initiated based on the stored payment token, and wherein the payment token includes encrypted information related to a financial product, authorize the transaction based on the payment token and authorization rules stored in memory of the computer system, including de-tokenizing the payment token to identify the financial product information, and upon authorizing the transaction, send the financial product information to the requesting entity, wherein the financial product information is useable by the requesting party to process the transaction. BRIEF DESCRIPTION OF THE FIGURES The details of one or more implementations are set forth in the accompanying drawings and the description below. Ot