CPC G06Q 20/3829 (2013.01) [G06Q 20/34 (2013.01)] | 8 Claims
1. A computer system for executing an electronic payment transaction while conducting a key rotation and re-keying comprising:
a transaction server comprised of:
a card vault component, comprised of a payment token in encrypted form and a corresponding token encryption key identifier;
a data structure comprised of a first data encryption key stored in encrypted form and a second data encryption key stored in encrypted form and a corresponding first key identifier and second key identifier;
a data memory comprised of program code that when executed causes the transaction server to:
decrypt the first and second data encryption keys;
store the decrypted first and second data encryption keys only in a local data memory of the transaction server that is executing the electronic payment transactions;
determine the condition that either the first data encryption key or the second data encryption key identifiers match the token encryption key identifier;
determine which of the members of a set of the first data encryption key and the second data encryption key is one generation older than the other data encryption key in the set;
decrypt the payment token using the determined data encryption key; and
process the electronic payment transaction using the decrypted payment token.
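The key-identifier lookup during rotation that claim 1 describes can be sketched as follows; this is an added example, not code from the patent. The names `TransactionServer`, `open_token`, `seal` and `unseal`, the key ids `dek-1`/`dek-2`, the explicit generation numbers, the key-encryption key (`kek`) and the choice to re-key an older-generation token on use are all assumptions, and the HMAC-based cipher is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, os

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor(key, nonce, data):
    # Stand-in cipher: HMAC-SHA256 counter keystream. Use AES-GCM or similar in production.
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    body = _xor(_sub(key, b"enc"), nonce, plaintext)
    return nonce + body + hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered ciphertext")
    return _xor(_sub(key, b"enc"), nonce, body)

class TransactionServer:
    def __init__(self, kek, wrapped_deks):
        # wrapped_deks: {key_id: (generation, DEK sealed under the KEK)}.
        # Unwrapped DEKs are held only in this object's memory.
        self._deks = {kid: (gen, unseal(kek, blob))
                      for kid, (gen, blob) in wrapped_deks.items()}
        self.newest_id = max(self._deks, key=lambda kid: self._deks[kid][0])

    def open_token(self, record):
        kid = record["key_id"]
        if kid not in self._deks:
            raise KeyError(f"no loaded DEK matches key id {kid!r}")
        token = unseal(self._deks[kid][1], record["token"])
        if kid != self.newest_id:
            # Assumption: a token under the older generation is re-keyed on use.
            record["token"] = seal(self._deks[self.newest_id][1], token)
            record["key_id"] = self.newest_id
        return token

def demo():
    # Constructed sample: two DEK generations and one vault record under the older key.
    kek, old, new = os.urandom(32), os.urandom(32), os.urandom(32)
    server = TransactionServer(kek, {"dek-1": (1, seal(kek, old)),
                                     "dek-2": (2, seal(kek, new))})
    record = {"key_id": "dek-1", "token": seal(old, b"tok_constructed_sample")}
    token = server.open_token(record)
    return token, record["key_id"], unseal(new, record["token"])
```

Because both generations stay loaded, a transaction that arrives mid-rotation decrypts under whichever key id its vault record carries, and a record with an unknown key id fails closed.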