US 11,900,371 B2
Replacing token on a multi-token user device
Eduardo Lopez, Menlo Park, CA (US); and Robert Michael Yost, San Francisco, CA (US)
Assigned to Visa International Service Association, San Francisco, CA (US)
Filed by Visa International Service Association, San Francisco, CA (US)
Filed on Jan. 7, 2021, as Appl. No. 17/144,092.
Application 17/144,092 is a continuation of application No. 15/462,658, filed on Mar. 17, 2017, granted, now 10,915,899.
Prior Publication US 2021/0133744 A1, May 6, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06Q 20/40 (2012.01); G06Q 30/018 (2023.01); G06Q 20/22 (2012.01); G06Q 20/34 (2012.01); G06Q 20/38 (2012.01); G06Q 20/20 (2012.01)
CPC G06Q 20/401 (2013.01) [G06Q 20/204 (2013.01); G06Q 20/227 (2013.01); G06Q 20/3552 (2013.01); G06Q 20/3572 (2013.01); G06Q 20/385 (2013.01); G06Q 20/40 (2013.01); G06Q 20/4016 (2013.01); G06Q 30/0185 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A method performed by a server computer, the method comprising:
provisioning a plurality of tokens on a transaction card, wherein each token is associated with an account identifier representing an account, wherein provisioning includes:
provisioning a first token on a first physical element of the transaction card, and
provisioning a second token on a second physical element of the transaction card,
wherein each one of the first physical element and the second physical element is one of a contact interface chip, a contactless interface chip, a dual interface chip, a magnetic strip, or a digital display of the transaction card,
wherein the first physical element is different than the second physical element;
receiving, from a transaction terminal of a resource provider, an authorization request message for a transaction initiated using the second token stored on the transaction card;
retrieving the account identifier representing the account using the second token;
generating a modified authorization request message by replacing the second token in the authorization request message with the account identifier representing the account;
determining that the first token is compromised or expired;
generating a replacement token for the first token;
processing the authorization request message using the second token, processing including:
notifying an authorization computer that the first token is compromised,
transmitting the replacement token to the authorization computer, the first token is deactivated and stored and stored in a database in lieu of the first token,
transmitting the modified authorization request message;
receiving, by the server computer from the authorization computer, an authorization response message indicating whether the transaction is authorized, wherein the authorization response message further includes a script and the replacement token in addition to contents related to processing the transaction using the second token; and
transmitting, to the transaction terminal of the resource provider, the authorization response message, wherein the replacement token replaces the first token on the transaction card via the script without replacing the transaction card, wherein the replacement token is stored on the transaction card replacing the first token.