Secure software containers
US-10055578-B1 · Aug 21, 2018 · US
Token state synchronization
US11847233B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11847233-B2 |
| Application number | US-202117198113-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 10, 2021 |
| Priority date | Jul 3, 2018 |
| Publication date | Dec 19, 2023 |
| Grant date | Dec 19, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Techniques for managing an application token may include providing, by a first service provider application on a communication device to a first service provider computer, a first request for a first application token, receiving, by an account management application on the communication device from a token service computer in communication with the first service provider computer, the first application token, and storing the first application token in a token container in the account management application.
First claim
Opening claim text (preview).
What is claimed is: 1. A method comprising: receiving, at a token service computer, a provisioning request to provision an application token to a token container on an account management application on a communication device, the communication device also comprising a service provider application associated with a service provider computer; and transmitting, to the account management application on the communication device from the token service computer, the application token in an encrypted form to the token container in the account management application on the communication device, the token container associated with a container identifier and a token state associated with the encrypted application token, the container identifier and the token state maintained by the token service computer, the token state including at least one of a newly generated token, a redeemed token, or a value added token. 2. The method of claim 1 , wherein the token service computer transmits the token container with the application token. 3. The method of claim 1 , wherein the token service computer receives the provisioning request from the account management application in an encrypted form and decrypts the application token before transmitting the application token. 4. The method of claim 1 , wherein the token service computer transmitted the token container prior to receiving the provisioning request. 5. The method of claim 1 , wherein the token service computer receives the provisioning request from the service provider computer. 6. A token service computer comprising: a processor; a non-transitory computer-readable medium comprising instructions, which, when executed by the processor, perform the steps of: receiving a provisioning request to provision an application token to a token container on an account management application on a communication device, the communication device also comprising a service provider application associated with a service provider computer; and transmitting, to the account management application on the communication device from the token service computer, the application token in an encrypted form to the token container in the account management application on the communication device, the token container associated with a container identifier and a token state associated with the encrypted application token, the container identifier and the token state maintained by the token service computer, the token state including at least one of a newly generated token, a redeemed token, or a value added token. 7. The token service computer of claim 6 , wherein the token container is transmitted to the account management application with the application token. 8. The token service computer of claim 6 , wherein the provisioning request is received from the account management application in an encrypted form and the token service computer decrypts the application token before transmitting the application token. 9. The token service computer of claim 6 , wherein the token service computer transmitted the token container prior to receiving the provisioning request. 10. The token service computer of claim 6 , wherein the token service computer receives the provisioning request from the service provider computer. 11. A method for managing application tokens comprising: providing, by a first service provider application of a plurality of service provider applications on a communication device to a first service provider computer, a first request for a first application token; receiving, by the first service provider application on the communication device from the first service provider computer, an encrypted application token corresponding to the first application token; receiving, by an account management application on the communication device from the first service provider application on the communication device, the encrypted application token; transmitting, by the account management application on the communication device to a token service computer in communication with the first service provider computer, a token provisioning request with the encrypted application token; receiving, by the account management application on the communication device from the token service computer, the first application token with a token container, the token container associated with a container identifier and a token state associated with the first application token, the container identifier and the token state maintained by the token service computer, the token state including at least one of a newly generated token, a redeemed token, or a value added token; and storing the first application token in the token container in the account management application. 12. The method of claim 11 , wherein the token service computer and the first service provider computer have respective cryptographic keys of a cryptographic key pair. 13. The method of claim 12 , wherein the cryptographic key pair is a symmetric key pair. 14. The method of claim 11 , further comprising: providing, by a second service provider application on the communication device to a second service provider computer, a second request for a second application token; receiving, by the account management application on the communication device from the token service computer in communication with the second service provider computer, the second application token; and storing the second application token in the token container in the account management application. 15. The method of claim 11 , further comprising: receiving, by the first service provider application, a user request from a user for the first application token, wherein the first service provider application provides the first request for the first application token responsive to the user request. 16. The method of claim 11 , wherein the first request for the first application token comprises payment information for purchasing the first application token and details pertaining to the first application token. 17. The method of claim 11 , further comprising: after receiving the encrypted application token from the first service provider computer, transmitting, by the first service provider application on the communication device to the account management application on the communication device, an encrypted payload comprising the encrypted application token.
Assignees
Inventors
Classifications
- G06F21/602Primary
Providing cryptographic facilities or services · CPC title
for accessing specific resources, e.g. using Kerberos tickets · CPC title
Program or device authentication · CPC title
to features or functions of an application · CPC title
- H04L9/3213Primary
using tickets or tokens, e.g. Kerberos (network architectures or network communication protocols for entities authentication using tickets in a packet data network H04L63/0807) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11847233B2 cover?
- Techniques for managing an application token may include providing, by a first service provider application on a communication device to a first service provider computer, a first request for a first application token, receiving, by an account management application on the communication device from a token service computer in communication with the first service provider computer, the first app…
- Who is the assignee on this patent?
- Visa Int Service Ass
- What technology area does this patent fall under?
- Primary CPC classification G06F21/602. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Dec 19 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 4 related publications on this page (citations in our corpus or others sharing the same primary CPC).