Token state synchronization

What is claimed is: 1. A method comprising: receiving, by a first service provider application on a communication device, an encrypted application token from a first service provider computer; receiving, by an account management application on the communication device from the first service provider application on the communication device, the encrypted application token; storing the encrypted application token in a token container in the account management application, the token container associated with a container identifier and a token state associated with the encrypted application token, wherein the token state includes at least one of a newly generated token, a redeemed token, or a value added token; and providing, by the account management application on the communication device to a token service computer, the encrypted application token. 2. The method of claim 1 , wherein the container identifier and the token state are maintained by the token service computer. 3. The method of claim 1 , wherein the token service computer and the first service provider computer have respective cryptographic keys of a cryptographic key pair. 4. The method of claim 3 , wherein the cryptographic key pair is a symmetric key pair. 5. The method of claim 1 , further comprising: receiving, by the account management application on the communication device from the token service computer in communication with a second service provider computer, a second application token; and storing the second application token in the token container in the account management application. 6. The method of claim 1 , wherein the token container is transmitted to the account management application with the encrypted application token. 7. The method of claim 1 , wherein the token container is stored to the account management application prior to the receiving. 8. A communication device comprising: a memory configured to store computer-executable instructions; and; a processor in communication with the memory configured to execute the computer-executable instructions to perform the steps of: receiving, by a first service provider application on the communication device, an encrypted application token from a first service provider computer; receiving, by an account management application on the communication device from the first service provider application on the communication device, the encrypted application token; storing the encrypted application token in a token container in the account management application, the token container associated with a container identifier and a token state associated with the encrypted application token, wherein the token state includes at least one of a newly generated token, a redeemed token, or a value added token; and providing, by the account management application on the communication device to a token service computer, the encrypted application token. 9. The communication device of claim 8 , wherein the container identifier and the token state are maintained by the token service computer. 10. The communication device of claim 8 , wherein the token service computer and the first service provider computer have respective cryptographic keys of a cryptographic key pair. 11. The communication device of claim 10 , wherein the cryptographic key pair is a symmetric key pair. 12. The communication device of claim 8 , the steps further comprising: receiving, by the account management application on the communication device from the token service computer in communication with a second service provider computer, a second application token; and storing the second application token in the token container in the account management application. 13. A method comprising: transmitting, by a service provider computer to a service provider application, an encrypted application token; and transmitting, by the service provider application to a token service computer, a provisioning request and the encrypted application token, thereby causing the encrypted application token to be provisioned to a token container associated with a container identifier and a token state associated with the encrypted application token in response to the provisioning request, wherein the token state includes at least one of a newly generated token, a redeemed token, or a value added token. 14. The method of claim 13 , wherein the container identifier and the token state are maintained by the token service computer. 15. The method of claim 13 , wherein the token container is transmitted to an account management application with the encrypted application token. 16. The method of claim 13 , wherein the service provider computer transmits the provisioning request directly to the token service computer. 17. The method of claim 13 , wherein the token container is stored to an account management application prior to the provisioning.