| CPC G06Q 20/4014 (2013.01) [G06Q 20/108 (2013.01)] | 17 Claims |
|
1. A method for securely transmitting sensitive information between services over a network, comprising:
receiving, at a client application executing on one or more first computing devices, a token from a token-originating service, wherein:
the token corresponds to certain sensitive information that is available from the token-originating service,
the token-originating service provides an application programming interface (API), and
the client application requests the token via the API;
sending the token from the client application to a target service executing on one or more second computing devices, wherein the target service requires the certain sensitive information to perform a particular action, and wherein the target service includes a plurality of client simulators;
selecting, by the client application, a particular client simulator from the plurality of client simulators based on the particular client simulator supporting the API provided by the token-originating service;
the target service causing the particular client simulator to use the token to obtain the certain sensitive information from the token-originating service via the API in a secure service-to-service communication over the network without exposing the certain sensitive information to the client application; and
after obtaining the certain sensitive information from the token-originating service, the target service using the certain sensitive information to perform the particular action.
|