US 11,922,407 B2
System, method, and computer program product for secure payment device data storage and access
Shankara Narayanan Ramesh, Singapore (SG); Lin Htet Aung, Singapore (SG); Ibrahim Kusumah Kusnanto, Singapore (SG); Michael Angelo Sarmiento Olimpo, Singapore (SG); Leo Laksmana, Singapore (SG); Anup Tripathi, San Mateo, CA (US); and Imo Michael Akpan, Miami, FL (US)
Assigned to Visa International Service Association, San Francisco, CA (US)
Appl. No. 17/639,990
Filed by Visa International Service Association, San Francisco, CA (US)
PCT Filed Sep. 16, 2021, PCT No. PCT/US2021/050676
§ 371(c)(1), (2) Date Mar. 3, 2022,
PCT Pub. No. WO2023/043445, PCT Pub. Date Mar. 23, 2023.
Prior Publication US 2023/0085031 A1, Mar. 16, 2023
Int. Cl. G06Q 20/40 (2012.01); G06Q 20/38 (2012.01)
CPC G06Q 20/382 (2013.01) [G06Q 20/4014 (2013.01)] 18 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
receiving, with at least one processor of a remote access system, a payment device enrollment request from an application provider system through a first communication channel comprising a first data transmission path, the payment device enrollment request comprising payment device data associated with a payment device of a user;
in response to receiving the payment device enrollment request, generating, with the at least one processor, a unique payment device token associated with the payment device;
transmitting, with the at least one processor, the unique payment device token for storage on a client device of the user by transmitting a payment device enrollment response comprising the unique payment device token to the application provider system through the first communication channel;
storing, with the at least one processor, the payment device data;
generating, with the at least one processor, a unique uniform resource locator (URL) associated with the payment device, the unique URL comprising a deep link accessible by the client device of the user;
encrypting, with the at least one processor, the unique URL based on the unique payment device token stored on the client device to produce an encrypted unique URL, such that the encrypted unique URL is decryptable by the client device based on the unique payment device token;
transmitting, with the at least one processor, the encrypted unique URL to the client device of the user via the application provider system through the first communication channel;
receiving, with the at least one processor, a data access request from the client device via the unique URL through a second communication channel separate from the first communication channel, wherein the second communication channel comprises a second data transmission path different from the first data transmission path and is exclusive of the application provider system;
in response to receiving the data access request, verifying, with the at least one processor, an identity of the user by executing a step-up authentication protocol; and
in response to verifying the identity of the user, transmitting, with the at least one processor, a data access response comprising the payment device data to the client device through the second communication channel.