Abstract: Embodiments of the invention provide a system for encrypting web session data which may include a session management module adapted to receive data from a web application module and provide a token that represents the data in encrypted form to the web application, wherein the web application is adapted to use the token to represent the data. The system may also include a tokenizer module communicably coupled to the session management module, wherein the tokenizer module is adapted to receive the data and generate the token. Further, the system may include a database communicably coupled to the session management module, wherein the database is adapted to receive the token and the data, associate the token with the data, and store the token and the data.

Abstract: A reference token service (RTS) is disclosed. Generally, the RTS receives sensitive data items from trusted source applications associated with particular merchants. Upon receipt of a particular sensitive data item from a particular merchant, the RTS identifies one or more reference token pools corresponding to the merchant. Each reference token pool includes a plurality of reference tokens comprising formats and data structures corresponding to sensitive data items and compatible with the merchant. The RTS receives a crypto token associated with the sensitive data item which may not conform to the merchant's formatting or data requirements. The RTS associates the crypto token with a reference token corresponding to the merchant, which is provided to the merchant for sharing and retrieval of the sensitive data item amongst the merchant's various applications.

Abstract: A reference token service is herein described. In one embodiment, the reference token service receives raw data strings from trusted source applications associated with merchants or other users. Upon receipt of a given raw data string, the reference token service then identifies one or more reference token pools corresponding to a merchant that sent the raw data string, wherein each reference token pool includes a plurality of reference tokens with comprising formats and data structures compatible with the merchant. The raw data string is then sent to a crypto system for tokenization. The crypto system returns a crypto token to the reference token service, wherein the crypto token may not satisfy the specific formatting or data requirements of the merchant. The crypto token is then associated with a reference token corresponding to the merchant, and the reference token is provided to the merchant.

Abstract: A system and method for reconciling transaction data, including identifying one or more transactions to be reconciled; aggregating one or more potential matching purchase orders; and creating a proposal that identifies one or more purchase orders that may correlate to the transaction to be reconciled, wherein creating a proposal comprises performing one or more search iterations to identify one or more purchase orders that fit within one or more parameters of the search iterations.

Abstract: Embodiments of the invention provide a system for encrypting web session data which may include a session management module adapted to receive data from a web application module and provide a token that represents the data in encrypted form to the web application, wherein the web application is adapted to use the token to represent the data. The system may also include a tokenizer module communicably coupled to the session management module, wherein the tokenizer module is adapted to receive the data and generate the token. Further, the system may include a database communicably coupled to the session management module, wherein the database is adapted to receive the token and the data, associate the token with the data, and store the token and the data.

Abstract: A system and method for cryptography. The system may include a cryptography module in communication with a database and configured to perform cryptography operations on data in the database, a rotation module configured to rotate data in the database, and one or more application interfaces configured to remain responsive while the rotation module rotates the data in the database. Rotating the data in the database may include decrypting a stored value in a system with a first key to produce a decrypted value, encrypting the decrypted value with a second key to produce an encrypted value, and replacing the stored value with the encrypted value.

Abstract: The embodiments of this invention relate to methods for managing encrypted data. An embodiment of this method includes sending data from a first application to a server, encrypting the data sent from the first application to the server to produce encrypted data, storing the encrypted data at the server; and sending a token to the first application, wherein the token references the encrypted data.