US 12,205,082 B2
Systems and methods for securely opening APIs with cardholder authentication and consent
Adam Kenneth Hosp, Lake St. Louis, MO (US); Oran Cummins, Dublin (IE); Michael Hoole, Epsom (GB); Ahmed Hosny, Dublin (IE); Ishfaq Lone, Dublin (IE); Marco Vicente, Dublin (IE); Piyushkumar Kanubhai Hirpara, Dublin (IE); and Kosta Krauth, New York, NY (US)
Assigned to Mastercard International Incorporated, Purchase, NY (US)
Filed by Mastercard International Incorporated, Purchase, NY (US)
Filed on Sep. 30, 2021, as Appl. No. 17/490,413.
Claims priority of provisional application 63/086,082, filed on Oct. 1, 2020.
Claims priority of provisional application 63/232,880, filed on Aug. 13, 2021.
Claims priority of provisional application 63/232,895, filed on Aug. 13, 2021.
Prior Publication US 2022/0108309 A1, Apr. 7, 2022
Int. Cl. G06Q 20/02 (2012.01); G06Q 20/32 (2012.01); G06Q 20/34 (2012.01); G06Q 20/38 (2012.01); G06Q 20/40 (2012.01); G06Q 20/42 (2012.01); G06Q 40/02 (2023.01); H04L 9/40 (2022.01)
CPC G06Q 20/02 (2013.01) [G06Q 20/3255 (2013.01); G06Q 20/34 (2013.01); G06Q 20/382 (2013.01); G06Q 20/3821 (2013.01); G06Q 20/385 (2013.01); G06Q 20/401 (2013.01); G06Q 20/4014 (2013.01); G06Q 20/40975 (2013.01); G06Q 20/42 (2013.01); G06Q 40/02 (2013.01); H04L 63/083 (2013.01)] 4 Claims
 
1. An interchange network system comprising:
a data store comprising financial account data of a plurality of cardholders;
a token service system;
an open service computing system including a database, an open service application programming interface (API), a first one or more processors and a first one or more non-transitory computer readable media storing executable instructions that when executed by the first one or more processors, causes the first one or more processors to perform the operations of:
executing the open service API a first time;
receiving, via the executing open service API, a request to authenticate a cardholder of the plurality of cardholders with a JSON web token from a third party provider (TPP) computer, the JSON web token including a request for the TPP computer to access the financial account data of the cardholder from the data store;
presenting, via the executing open service API, on a cardholder computing device, a consent screen including a list of one or more data services;
receiving, via the executing open service API, a selection of one or more data services of the list of one or more data services associated with the request;
after receiving the selection, presenting, via the executing open service API, a transaction card details input screen on the cardholder computing device;
receiving, via the executing open service API, the transaction card details from the cardholder computing device, and transmitting, via the executing open service API, the received details to the token service system;
the token service system comprising a second one or more second processors and a second one or more non-transitory computer readable media storing executable instructions that when executed by the second one or more processors causes the second one or more processors to perform the operations of:
based on the received transaction card details, generating an access token and a payment token, wherein the access token and the payment token are associated with the financial account data;
generating an association between the access token, the payment token, and the received transaction card details, and storing the payment token and the association in the database;
authenticating the cardholder, wherein authenticating comprises:
receiving an authentication identifier (ID) from an issuer computer;
receiving a second ID from the cardholder computing device; and
determining that the authentication ID and the second ID are the same; and
after authenticating the cardholder, transmitting, via the first one or more processors, the access token to the TPP; and
the first one or more non-transitory computer readable media storing executable instructions that when executed by the first one or more processors causes the first one or more processors to further perform the operations of:
executing the open service application API a second time;
receiving, via a token revocation request message from the cardholder computing device and/or the issuer computer; and,
transmitting a message to delete the access token to the token service system;
the second one or more non-transitory computer readable media storing executable instructions that when executed by the second one or more processors causes the second one or more processors to further perform the operations of:
receiving the message to delete the access token; and,
deleting the access token from the database.