Embodiments of the invention improve upon existing security systems and methods. In some existing security systems and methods, entities can use tokens instead of real account numbers to conduct payment transactions. A token can be a substitute for the real account number. For example, once a merchant receives a real account number identifier from a consumer, the merchant can submit the real account number to a tokenization service system and can subsequently receive a token in return. The merchant can use the token to process the consumer's order for goods instead of the real account number, and may store the token in a database. By using and storing the token and by not storing or using the real account number, data security is improved. That is, if the token is somehow obtained by an unauthorized person, it will be useless.
When a merchant accepts an order from another upstream merchant, the upstream merchant may only use real account numbers and not tokens. The upstream merchant may also store the real account number in its system and refer to the order using the real account number, instead of the token. However, when the merchant accepts the order from the upstream merchant in a business transaction, the merchant has trouble getting paid by the upstream merchant, because the upstream merchant does not wish to receive or store real account numbers. It would rather store tokens.
It would be desirable to provide for a system and method that can provide data security and efficient payment transactions to those entities that wish to use tokens, while allowing them to receive and make payments to entities that wish to use real account numbers to process payments, rather than tokens.
Embodiments of the invention address this and other problems, individually and collectively.