| CPC G06Q 20/3829 (2013.01) [G06Q 20/3224 (2013.01); H04L 9/30 (2013.01); H04L 2209/56 (2013.01)] | 19 Claims |
|
6. A method comprising:
accessing, by a first computer processor circuit of a transaction service, a cryptographic schema associated with the transaction service, the cryptographic schema comprising a public key of a public-private key pair, a cryptographic algorithm, and a payload schema identifying privileges granted to a client device;
generating, by the first computer processor circuit, a cryptographic token using a private key of the public-private key pair using the cryptographic algorithm and the payload schema, wherein the cryptographic token comprises a cryptographic key signed with the private key, metadata about the cryptographic token, and the payload identifying privileges granted to the client device;
transmitting, by the first computer processor circuit, the cryptographic token to the client device;
receiving, at a second computer processor circuit from the client device, a request for transaction configuration information for a transaction, the request comprising the cryptographic token and information about one or more applications running on the client device and a geographic indicator corresponding to a location of the client device;
accessing, by second computer processor circuit, the cryptographic schema associated with the transaction service;
authenticating, at the second computer processor circuit and without performing any communication with the first computer processor circuit, the cryptographic token from the request using the public key and the payload schema from the accessed cryptographic schema on a payload of the cryptographic token to determine whether the privileges granted to the client device satisfy one or more criteria;
determining, at the second computer processor circuit, to grant the request based on the authentication of the cryptographic token according to the accessed cryptographic schema;
generating, at the second computer processor circuit, the transaction configuration information using the payload of the cryptographic token and the information about the one or more applications running on the client device and the geographic indicator, wherein the transaction configuration information is formatted for the one or more applications; and
in response to determining to grant the request at the second computer processor circuit, sending the generated transaction configuration information to the client device.
|