US 12,278,903 B2
Systems and methods for use in implementing self-exclusion preferences
Bryn Anthony Robinson-Morgan, Mosborough Village (GB); Liang Tian, Rye Brook, NY (US); and Prashant Sharma, Madison, NJ (US)
Assigned to MASTERCARD INTERNATIONAL INCORPORATED, Purchase, NY (US)
Filed by MASTERCARD INTERNATIONAL INCORPORATED, Purchase, NY (US)
Filed on Oct. 28, 2022, as Appl. No. 17/976,144.
Claims priority of provisional application 63/295,122, filed on Dec. 30, 2021.
Prior Publication US 2023/0216680 A1, Jul. 6, 2023
Int. Cl. H04L 9/32 (2006.01); H04L 9/40 (2022.01)
CPC H04L 9/3213 (2013.01) [H04L 9/3226 (2013.01); H04L 63/0807 (2013.01)] 15 Claims
OG exemplary drawing
 
1. A computer-implemented method for use in imposing self-exclusion preferences for data access, the method comprising:
in response to a request by a user to impose at least one self-exclusion preference on a digital identity of the user, generating, by a computing device, an identifier unique to the user, the at least one self-exclusion preference including a rule defined by the user and specific to a transaction type, the rule including an allow condition and/or a block condition;
requesting, by the computing device, a token for the digital identity from a tokenization service computing device;
receiving, by the computing device, the token and a secret associated with the token;
storing at least the token and the secret;
assigning the at least one self-exclusion preference to the token;
receiving, by the computing device, from a relying party, a request to share at least one identity attribute of the digital identity of the user with the relying party for a transaction consistent with the transaction type of the at least one self-exclusion preference, the request including a signed package including said token;
passing, by the computing device, the token to the tokenization service computing device, whereby the tokenization service computing device identifies the identifier associated with the user based on the token;
receiving, by the computing device, the identifier from the tokenization service computing device;
retrieving, by the computing device, the at least one self-exclusion preference associated with the identifier;
validating that the request to share the at least one identity attribute of the digital identity of the user is permitted based on the allow condition and/or the block condition of the at least one self-exclusion preference; and
in response to the request being permitted, authorizing, by the computing device, via the relying party, a mobile device associated with the user to share the at least one identity attribute of the digital identity of the user with the relying party.