Virtualization and secure processing of data
US-2023196356-A1 · Jun 22, 2023 · US
Tokenizing sensitive data
US12505433B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12505433-B2 |
| Application number | US-202318513923-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 20, 2023 |
| Priority date | May 27, 2011 |
| Publication date | Dec 23, 2025 |
| Grant date | Dec 23, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Included are embodiments for tokenizing sensitive data. Some embodiments of systems and/or methods are configured to receive sensitive data from a vendor, determine a token key for the vendor, and utilize a proprietary algorithm, based on the token key to generate a vendor-specific token that is associated with the sensitive data. Some embodiments include creating a token identifier that comprises data related to the token key sending the vendor-specific token and the token identifier to the vendor.
First claim
Opening claim text (preview).
The invention claimed is: 1 . A method for tokenization of sensitive data, comprising: receiving, by a tokenization computing device, sensitive data from a vendor computing device associated with a vendor; generating, by the tokenization computing device and using a token key of the vendor, a unique vendor-specific token associated with the sensitive data; receiving, by the tokenization computing device, a request to change the unique vendor-specific token, wherein the request includes the unique vendor-specific token and a token identifier linked to the unique vendor-specific token in a database associated with the tokenization computing device; retrieving, by the tokenization computing device and using the token identifier, the sensitive data from the database; generating, by the tokenization computing device and using a new token key, a new token for associating with the sensitive data; in response to generating the new token, updating, by the tokenization computing device, the token identifier for associating with the new token; and sending, by the tokenization computing device, the updated token identifier and the new token to the vendor computing device, wherein a tokenization of the new token is validated using the updated token identifier. 2 . The method of claim 1 , further comprising: receiving, by the tokenization computing device, a request to rotate the new token; accessing, by the tokenization computing device, a table to determine whether the new token is associated with a rollup identifier; in response to determining that the new token is associated with the rollup identifier, determining, by the tokenization computing device, a new token key that is utilized for entities in a predetermined group; updating, by the tokenization computing device, the new token according to the new token key; and sending, by the tokenization computing device, the updated new token and the token identifier to the vendor. 3 . The method of claim 1 , further comprising generating, by the tokenization computing device, a rollup identifier associated with the unique vendor-specific token, wherein the rollup identifier provides a pointer to the token key, wherein the token key is common to a plurality of entities. 4 . The method of claim 1 , further comprising: receiving, by the tokenization computing device, an indication of joining of the vendor with a second entity, wherein the indication includes a request to associate the new token with another token from the second entity; updating, by the tokenization computing device, the token identifier to generate a rollup identifier that points to a common token key for the vendor and the second entity; and sending, by the tokenization computing device, the updated token and the token identifier to the vendor. 5 . The method of claim 1 , wherein the token identifier includes a sanity value. 6 . A system for tokenization of sensitive data, comprising: a tokenization computing device comprising a processor; and a memory component that is coupled to the processor and stores logic that when executed by the processor, causes the system to perform at least the following: receive, by the tokenization computing device, sensitive data from a vendor computing device associated with a vendor; generate, by the tokenization computing device and using a token key of the vendor, a unique vendor-specific token associated with the sensitive data; receive, by the tokenization computing device, a request to change the unique vendor-specific token, wherein the request includes the unique vendor-specific token and a token identifier linked to the unique vendor-specific token in a database associated with the tokenization computing device; retrieve, by the tokenization computing device and using the token identifier, the sensitive data from the database; generate, by the tokenization computing device and using a new token key, a new token for associating with the sensitive data; in response to generating the new token, update, by the tokenization computing device, the token identifier for associating with the new token; and send, by the tokenization computing device, the updated token identifier and the new token to the vendor computing device, wherein a tokenization of the new token is validated using the updated token identifier. 7 . The system of claim 6 , wherein the sensitive data includes at least one of a credit card number, a debit card number, a prepaid card number, a social security number, a bank account number, a telephone number, and an address. 8 . The system of claim 6 , wherein the logic further causes the system to store the new token and the token identifier. 9 . The system of claim 6 , wherein the logic further causes the system to generate a rollup identifier associated with the unique vendor-specific token, wherein the rollup identifier provides a pointer to the token key, wherein the token key is common to a plurality of entities. 10 . The system of claim 6 , wherein the logic further causes the system to perform at least the following: receive sensitive data from the vendor computing device; determine the token key for the vendor; link the vendor-specific token and the token identifier in a database; generate the vendor-specific token; and create the token identifier that comprises data related to the token key. 11 . The system of claim 6 , wherein the logic further causes the system to perform at least the following: receive a request to rotate the new token; access a table to determine whether the new token is associated with a rollup identifier; in response to determining that the new token is associated with a rollup identifier, determine a new token key that is utilized for entities in a predetermined group; update the new token according to the new token key; and send the updated new token and the token identifier to the vendor computing device. 12 . The system of claim 6 , wherein the token identifier includes a sanity value. 13 . A non-transitory computer-readable medium for tokenization of sensitive data that stores a program that when executed by a tokenization computing device, causes the tokenization computing device to perform operations including: receive, by the tokenization computing device, sensitive data from a vendor computing device associated with a vendor; generate, by the tokenization computing device and using a token key of the vendor, a unique vendor-specific token associated with the sensitive data; receive, by the tokenization computing device, a request to change the unique vendor-specific token, wherein the request includes the unique vendor-specific token and a token identifier linked to the unique vendor-specific token in a database associated with the tokenization computing device; retrieve, by the tokenization computing device and using the token identifier, the sensitive data from the database; generate, by the tokenization computing device and using a new token key, a new token for associating with the sensitive data; in response to generating the new token, update, by the tokenization computing device, the token identifier for associating with the new token; and send, by the tokenization computing device, the updated token identifier and the new token to the vendor computing device, wherein a tokenization of the new token is validated using the updated token identifier. 14 . The non-transitory computer-readable medium of claim 13 , wherein the sensitive data includes at least one of a credit card number, a debit card number, a prepaid card number, a bank account number, a social s
Assignees
Inventors
Classifications
Protecting data · CPC title
specially adapted for electronic shopping systems · CPC title
combining multiple encryption tools for a transaction · CPC title
Use of certificates or encrypted proofs of transaction rights · CPC title
Financial cryptography, e.g. electronic payment or e-cash · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12505433B2 cover?
- Included are embodiments for tokenizing sensitive data. Some embodiments of systems and/or methods are configured to receive sensitive data from a vendor, determine a token key for the vendor, and utilize a proprietary algorithm, based on the token key to generate a vendor-specific token that is associated with the sensitive data. Some embodiments include creating a token identifier that compri…
- Who is the assignee on this patent?
- Worldpay Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L9/0891. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Dec 23 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).