| 发明名称 |
Implementing security measures for authorized tokens used in mobile transactions |
| 摘要 |
Security measures for tokens comprise storing security rules associated with a generated token in a memory. A processor, communicatively coupled to the memory, accesses the security rules associated with the generated token and determines whether to encrypt the generated token by applying at least a portion of the security rules to the generated token. The processor encrypts the generated token. An interface, communicatively coupled to the processor, communicates the encrypted token to a mobile device associated with a user. |
| 申请公布号 |
US9043609(B2) |
申请公布日期 |
2015.05.26 |
| 申请号 |
US201213553463 |
申请日期 |
2012.07.19 |
| 申请人 |
Bank of America Corporation |
发明人 |
Calman Matthew A. |
| 分类号 |
G06Q20/32;G06Q20/36;G06F21/00 |
主分类号 |
G06Q20/32 |
| 代理机构 |
|
代理人 |
Springs Michael A. |
| 主权项 |
1. An apparatus, comprising:
a memory operable to store token rules to generate a token for a user to complete a mobile transaction using a mobile device, performance data associated with a mobile gateway, and security rules associated with a generated token and the user; a processor communicatively coupled to the memory, the processor operable to:
predict when the mobile gateway is available using the stored performance data;receive a request to generate the token;generate the token when:
the prediction indicates that the mobile gateway is available;the user is in a location where the user has previously conducted the mobile transaction;the user has previously conducted the mobile transaction at that time of day; andmobile network connectivity data of the mobile device is below a predetermined threshold;access the security rules associated with the generated token;determine whether to encrypt the generated token by applying at least a first portion of the security rules to the generated token, the first portion of the security rules comprises rules to determine whether the user is in the location where the user has previously conducted the mobile transaction and to determine whether the user has previously conducted the mobile transaction at the time of day;encrypt the generated token; andapply at least a second portion of the security rules to the generated token to determine whether a personal identification of the user is required to use the token, the second portion of the security rules comprises rules to determine whether a previously issued token associated with the user has expired; and an interface communicatively coupled to the processor, the interface operable to communicate the encrypted token to the mobile device associated with the user, the encrypted token facilitating the mobile transaction when the mobile gateway is unavailable. |
| 地址 |
Charlotte NC US |
