A token is an identifier that may be used to replace an actual account identifier. The token can be presented to a resource provider to access or obtain goods or services provided by the resource provider using the account represented by the token. In case the tokens are compromised, the underlying account may still be protected from attacks or fraudulent use.
In conventional systems, all generated tokens including tokens that are not-in-use or are expired, are stored indefinitely. Storing unused tokens results in unnecessary usage of memory space of a token vault and reflects as additional cost to the entity holding the tokens. In addition, since there is a limited number of tokens that can be generated, unused tokens unnecessarily use up this limited number. Conventional systems are also unable to add contextual value (e.g. an importance level, a level flag, etc.) to the token that is being generated.
Embodiments of the invention address these and other problems, individually and collectively.