E-commerce platform with tokenization system
Abstract
Systems and methods for tokenization of sensitive data are described, such as a method that includes receiving data to be protected which is provided by a data provider and obtained by or on behalf of a data controller, determining a data controller ID associated with the data controller and a data provider ID associated with the data provider, and generating, by a tokenization engine, a corresponding token for the data controller ID in combination with the data provider ID and in combination with the data to be protected, wherein the token is a reference that maps back to the data to be protected. The data controller ID in combination with the data provider ID and the data to be protected may be stored in a data vault, wherein the data to be protected is accessible from the data vault when the corresponding token is presented.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1 . A method comprising:
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a data controller, determining a data controller ID associated with the data controller and a data provider ID associated with the data provider; generating, by the tokenization engine, a corresponding token for the data controller ID in combination with the data provider ID and in combination with the data to be protected, wherein the token is a reference that maps back to the data to be protected; and storing the data controller ID in combination with the data provider ID and the data to be protected in a data vault, wherein the data to be protected is accessible from the data vault when the corresponding token is presented.
2 . The method of claim 1 , wherein the data provider is one of a merchant and a customer of a merchant.
3 . The method of claim 1 , wherein the data controller is one of an e-commerce platform and a merchant.
4 . The method of claim 1 , further comprising authenticating, by the tokenization engine, access to the data to be protected upon receipt of the corresponding token.
5 . The method of claim 1 , wherein a different token is generated for the same data to be protected if associated with a different data controller ID.
6 . The method of claim 1 , wherein a different token is generated for the same data to be protected if associated with a different data provider ID.
7 . The method of claim 1 , wherein the tokenization engine provides placeholder data in the case of a missing data controller ID and in the case of a missing data provider ID.
8 . The method of claim 1 , further comprising deleting the data to be protected in the data vault upon receipt of a request by the data provider to delete the data to be protected.
9 . The method of claim 1 , further comprising preventing the data to be protected from being accessed by any entity upon receipt of a request by the provider to delete the data to be protected.
10 . The method of claim 1 , further comprising transmitting the data provider ID and the token for storage in a database of an e-commerce platform.
11 . The method of claim 1 , wherein the data provider ID comprises at least one of a ID kind and an ID value.
12 . The method of claim 1 , wherein the data controller ID comprises at least one of a controller kind, an ID kind, and an ID value.
13 . The method of claim 1 , further comprising authorizing a data analysis to be performed on the data controller and the data provider and using the corresponding token as a placeholder.
14 . The method of claim 1 , further comprising receiving and authenticating, by the tokenization engine, the corresponding token, and authorizing a data analysis to be performed on the data controller and the data provider using the data to be protected when the corresponding token is authenticated.
15 . A system comprising:
a tokenization engine that receives data to be protected which is provided by a data provider and obtained by or on behalf of a data controller; and a data vault, wherein the tokenization engine is enabled to determine a data controller ID associated with the data controller and a data provider ID associated with the data provider and generate a corresponding token for the data controller ID in combination with the data provider ID and in combination with the data to be protected, wherein the token is a reference that maps back to the data to be protected, and wherein the data vault stores the data controller ID in combination with the data provider ID and the data to be protected, wherein the data to be protected is accessible from the data vault when the corresponding token is presented.
16 . The system of claim 15 , wherein the data provider is one of a merchant and a customer of a merchant.
17 . The system of claim 15 , wherein the data controller is one of an e-commerce platform and a merchant.
18 . A method comprising:
receiving, by a tokenization engine, data to be protected which is provided by a customer and obtained by or on behalf of a merchant; determining a merchant ID associated with the merchant and a customer ID associated with the customer; generating, by the tokenization engine, a corresponding token for the merchant ID in combination with the customer ID and in combination with the data to be protected, wherein the token is a reference that maps back to the data to be protected; and storing the merchant ID with the customer ID and the data to be protected in a data vault, wherein the data to be protected is accessible from the data vault when the corresponding token is presented.
19 . The method of claim 18 , further comprising deleting the data to be protected in the data vault upon receipt of a request by the customer to delete the data to be protected.
20 . The method of claim 18 , further comprising preventing the data to be protected from being accessed by any entity upon receipt of a request by the customer to delete the data to be protected.
21 . The method of claim 20 , wherein the corresponding token is invalidated upon receipt of a request by the customer to delete the data to be protected.
22 . A method comprising:
receiving, by a tokenization engine, data to be protected which is provided by a data provider and obtained by or on behalf of a first data controller; determining a first data controller ID associated with the first data controller and a data provider ID associated with the data provider; generating, by the tokenization engine, a first token for the first data controller ID in combination with the data provider ID and in combination with the data to be protected, wherein the first token is a reference that maps back to the data to be protected; receiving, by the tokenization engine, the same data to be protected which is provided by the data provider and obtained by or on behalf of a second data controller; determining a second data controller ID associated with the second data controller; generating, by the tokenization engine, a second token for the second data controller ID in combination with the data provider ID and in combination with the same data to be protected, wherein the second token is a reference that maps back to the data to be protected; storing the first data controller ID in combination with the data provider ID and the data to be protected in a data vault, wherein the data to be protected is accessible from the data vault when the first token is presented; storing the second data controller ID in combination with the data provider ID and the data to be protected in the data vault, wherein the data to be protected is accessible from the data vault when the second token is presented; and receiving a request from the data provider to delete the data to be protected with respect to the first data controller, and in response to the request, preventing the data to be protected from being accessed with the first token.
23 . The method of claim 22 , wherein the data to be protected is personally identifiable information of the data provider.
24 . The method of claim 23 , wherein the data to be protected is an email address, a phone number or a physical address.
25 . The method of claim 22 , further comprising performing an audit, by the tokenization engine, of access to the data to be protected in the data vault.
26 . A method comprising:
receiving, by a tokenization engine, first and second data to be protected; receiving, by the tokenization engine, a first data controller ID associated with a first data controller and a first data provider ID associated with the first data provider corresponding to the first data to be protected; receiving, by the tokenization engine, a second data controller ID associated with a second data controller and a second data provider ID associated with the second data provider corresponding to the second data to be protected; generating, by the tokenization engine, a corresponding first token for the first data controller ID in combination with the first data provider ID and in combination with the first data to be protected, wherein the first token is a reference that maps back to the first data to be protected; generating, by the tokenization engine, a corresponding second token for the second data controller ID in combination with the second data provider ID and in combination with the second data to be protected, wherein the second token is a reference that maps back to the second data to be protected; storing the first data controller ID in combination with the first data provider ID and the first data to be protected in a data vault, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented; and storing the second data controller ID in combination with the second data provider ID and the second data to be protected in the data vault, wherein the second data to be protected is accessible from the data vault when the corresponding second token is presented.
27 . The method of claim 26 , wherein each of the first and the second data provider ID comprises at least one of a ID kind and an ID value.
28 . The method of claim 26 , wherein each of the first and the second data controller ID comprises at least one of a controller kind, an ID kind, and an ID value.
29 . A method comprising:
receiving, by a tokenization engine, first and second data to be protected; receiving, by the tokenization engine, a data controller ID associated with a data controller and a data provider ID associated with the data provider corresponding to the first and second data to be protected; generating, by the tokenization engine, a corresponding first token for the data controller ID in combination with the data provider ID and in combination with the first data to be protected, wherein the first token is a reference that maps back to the first data to be protected; generating, by the tokenization engine, a corresponding second token for the data controller ID in combination with the data provider ID and in combination with the second data to be protected, wherein the second token is a reference that maps back to the second data to be protected; storing the data controller ID in combination with the data provider ID and the first data to be protected in a data vault, wherein the first data to be protected is accessible from the data vault when the corresponding first token is presented; and storing the data controller ID in combination with the data provider ID and the second data to be protected in the data vault, wherein the second data to be protected is accessible from the data vault when the corresponding second token is presented.Join the waitlist — get patent alerts
Track US2020242590A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.