Advancements in computer technologies including the Internet, wireless data transmission, and distributed networked computing have brought about new mechanisms for electronic devices to communicate and exchange information, including the use of tokenized information. Tokens can include files or information generated on-demand or for a limited period of time, to replace sensitive information normally transmitted in traditional computer systems. For example, a mobile device may generate an alphanumeric token to replace an account number, name, or any other sensitive information, and the token may be provided to another electronic device in order to establish a connection with the other device, convey sensitive information in a cryptic manner, or initiate or complete a transaction involving the token receiving device.
An example of the benefits of token-based transactions relates to online purchase transactions. In traditional systems, a computer transmits account information such as a credit card number to a merchant. The merchant then authorizes the credit card once to complete the transaction, but then may authorize the account number multiple additional times. For example, backordered items or split shipments may require multiple authorizations at multiple different times after the initial purchase transaction is completed, because merchants generally collect payment when items are shipped, and not when the order is received. Thus, the merchant's computer system retains the sensitive account information and uses the information as needed to charge the purchaser when items are shipped or become available. Traditional systems are extremely vulnerable, however, because the sensitive account information is stored at the merchant system and subject to compromise including fraud, hacking, and identity theft.
Advances in computer technology and widespread Internet connectivity have given rise to new systems which address the security concerns of traditional systems and complete purchase transactions in a more secure manner. Modern systems use electronic “tokens” in place of sensitive account information. Unlike an account number, a token is a set of information, such as an alphanumeric string, that points to an account. Using a token, the merchant and intermediary processing entities do not obtain any sensitive information, yet the merchant and processing servers can complete the transaction and associate the transaction with the correct account. After the transaction completes, the token may expire or otherwise deactivate. As another example, a server may generate a token for allowing access for a user to a secure area for a predetermined amount of time, so that the user can unlock electronic doors with a card, fob, or mobile device without sending sensitive identification data.
Tokens are often generated for transmission from particular devices, for use with particular merchants, or with far shorter lifespans than sensitive account numbers. Therefore, a compromised token does not automatically give unauthorized individuals access to an account. Token systems are necessarily rooted in Internet computer technologies, because they are often generated dynamically or frequently, and often include additional verification requirements identifying the device that presented the token in a transaction, or expected parties in transactions. Thus, token systems have greatly increased the security of Internet-based purchase transactions.
Token systems are not without faults and drawbacks, and with the proliferation of ecommerce and merchant aggregators such as eBay and Amazon, problems have arisen in token systems that result in decreased network performance as well as diminished backend computer system performance. For example, tokens often expire after a predetermined time period or amount of usage. Tokens that expire prematurely often result in failed or declined transactions, prompting new transactions, additional token requests, and additional tokens. In modern bidirectional communication systems, the additional network and processing load compounds quickly due to the number of users, and backend system performance suffers from unnecessary transaction declines and redundant token generation.
In view of the shortcomings of current systems, improved systems and methods for electronic token generation and tokenized device interaction are desired, to improve backend computer system performance and reliability, as well as enhance performance in Internet-based transactions.