CPC G06Q 20/382 (2013.01) [G06Q 20/12 (2013.01); G06Q 20/20 (2013.01); G06Q 20/367 (2013.01); G06Q 20/385 (2013.01); G06Q 20/40 (2013.01); G06Q 20/4016 (2013.01)] | 20 Claims |
1. A method comprising:
determining, by a computer, an identification and verification process verifying a token requestor, and an entity that performed the identification and verification process;
determining, by the computer, a payment token corresponding to a primary account number;
assigning, by the computer, a token assurance level to the payment token based on the identification and verification process verifying the token requestor and the entity that performed the identification and verification process;
storing the payment token, by the computer, the token assurance level and the primary account number corresponding to the payment token at a repository;
transmitting, by the computer, the payment token to the token requestor;
receiving, by the computer after transmitting the payment token to the token requestor, the payment token corresponding to the primary account number in an authorization request message associated with a transaction;
retrieving, by the computer, the token assurance level corresponding to the payment token and data used during generation of the token assurance level from the repository, wherein the data used during generation of the token assurance level includes one or more of a type of the identification and verification process performed to verify the token requestor, the entity that performed the identification and verification process, data used in performing the identification and verification process, and a result of the identification and verification process;
modifying, by the computer, the authorization request message to include the token assurance level and the data used during generation of the token assurance level;
transmitting, by the computer, the modified authorization request message to an issuer computer of an account corresponding to the primary account number, the issuer computer authorizes the transaction at least based upon the token assurance level; and
receiving, by the computer, an authorization response from the issuer computer.
|