IP Verse

Connected payment card systems and methods

Patent No. US11170364 (titled "Connected payment card systems and methods") on Feb 26, 2016. The application was issued on Nov 9, 2021.

What is this patent about?

'364 is related to the field of payment card management and security, specifically addressing the vulnerabilities associated with traditional payment card systems. Existing systems often manage security on an account-by-account basis, requiring customers to freeze or close entire accounts due to a single merchant breach, which can be highly disruptive. The patent aims to provide more granular control and enhanced security for payment card transactions.

The underlying idea behind '364 is to use merchant-specific tokens to represent payment card account information. Instead of directly using the primary account number (PAN) for transactions, a unique token is generated for each merchant. This token acts as a surrogate value, such that if a data breach occurs at one merchant, only the token is compromised, not the actual PAN. The customer can then manage these tokens individually, enabling or disabling them as needed, and even re-provisioning them in case of a breach or suspected fraud.

The claims of '364 focus on a financial institution computing system that includes a token database, a network interface, and a token management circuit. The system enables a graphical user interface (GUI) on a customer device, allowing the customer to manage merchant-specific tokens. The claims cover the dynamic provisioning of new tokens, the re-provisioning of tokens after a data breach, and the ability to enable or disable tokens for specific merchants, thereby controlling which merchants can charge a particular payment card account.

In practice, the invention allows a customer to use a mobile app or online banking portal to view a list of merchants associated with their payment card and the corresponding tokens. The customer can then selectively enable or disable these tokens, effectively granting or denying permission for those merchants to charge their account. If a data breach occurs at a particular merchant, the system automatically disables the token for that merchant and alerts the customer, who can then re-provision a new token for that merchant without affecting other merchants.

This approach differs significantly from prior solutions that require freezing or closing an entire payment card account in response to a security breach. By using merchant-specific tokens and providing customers with granular control over these tokens, the invention minimizes disruption and enhances security. The system also supports the dynamic provisioning of one-time tokens for single transactions, further reducing the risk of fraud and unauthorized charges. The dynamic provisioning happens without a separate token request.

How does this patent fit in bigger picture?

Technical Landscape

In the mid-2010s when ’364 was filed, digital payment systems were increasingly moving toward tokenization to replace sensitive primary account numbers during transactions. At a time when mobile wallets were typically implemented using static or server-managed tokens, security management commonly relied on account-wide freezes rather than granular control over individual merchant connections. Software constraints often made it non-trivial for a consumer to interactively manage specific merchant-linked tokens in real time, meaning a security breach at one vendor frequently required the total deactivation of the underlying payment card or account.

Prosecution Position

The examiner allowed the application because the prior art did not demonstrate a system capable of showing a user a specific list of merchants alongside their corresponding merchant-specific tokens. Furthermore, the examiner noted that existing technologies lacked the ability for a user to interactively enable or disable these specific tokens via a toggle button, or to trigger the generation of a new account number and re-provisioned token specifically in response to a detected data breach at a particular merchant.

Claims

Key Claim Terms New

Definitions of key terms used in the patent claims.

Term (Source)Support for SpecificationInterpretation
Graphical user interface
(Claim 1, Claim 12, Claim 18)		The token management circuit is configured to enable a graphical user interface on a customer device over the network. The token management circuit is further configured to cause a new token to be provisioned in response to a new token command generated by the graphical user interface. The token management circuit is configured to cause a token to be re-provisioned in response to a re-provision token command generated by the graphical user interface.An interface on a customer device that allows the user to interact with the financial institution computing system to manage payment card accounts and tokens.
Merchant-specific token
(Claim 1, Claim 12, Claim 18)		The system includes a token database, a network interface circuit, and a token management circuit. The token database retrievably stores a plurality of tokens and token information associated with each of the plurality of tokens. The network interface circuit enables the financial institution computing system to exchange information over a network.A token generated by tokenizing account information, replacing it with surrogate values. Each token is associated with a specific merchant and payment card account, enhancing security by preventing compromise of actual account information in case of a data breach.
Re-provisioning button
(Claim 1, Claim 12, Claim 18)		The token management circuit is configured to enable a graphical user interface on a customer device over the network. The token management circuit is further configured to cause a new token to be provisioned in response to a new token command generated by the graphical user interface. The token management circuit is configured to cause a token to be re-provisioned in response to a re-provision token command generated by the graphical user interface.A button in the graphical user interface that, when selected, triggers merchant-specific token re-provisioning for the payment card account.
Token database
(Claim 1, Claim 12, Claim 18)		The system includes a token database, a network interface circuit, and a token management circuit. The token database retrievably stores a plurality of tokens and token information associated with each of the plurality of tokens.A database that stores a plurality of merchant-specific tokens and token information associated with each of the plurality of merchant-specific tokens.
Token information
(Claim 1, Claim 12, Claim 18)		The system includes a token database, a network interface circuit, and a token management circuit. The token database retrievably stores a plurality of tokens and token information associated with each of the plurality of tokens.Data associated with each token that maps merchant-specific tokens to corresponding payment card accounts.

Litigation Cases New

US Latest litigation cases involving this patent.

Case NumberFiling DateTitle
4:24-cv-04583Nov 21, 2024Zito, Llc V. Turtle Integrated Supply, Inc.
4:24-cv-00752Aug 21, 2024Zito, Llc V. Ww Grainger Inc.

Patent Family

Patent Family

File Wrapper

The dossier documents provide a comprehensive record of the patent's prosecution history - including filings, correspondence, and decisions made by patent offices - and are crucial for understanding the patent's legal journey and any challenges it may have faced during examination.

  • Get instant alerts for new documents

US11170364

Application Number
US15054633A
Filing Date
Feb 26, 2016
Publication Date
Nov 9, 2021
External Links
Slate, USPTO, Google Patents