Abstract: The invention provides a method for transmission of sensitive information via an untrusted party. The sensitive information is held by a trusted computer and is transmitted via an untrusted computer to a recipient computer. Before transmission, the trusted computer encrypts the sensitive information using an encryption key that is associated with the recipient computer. The untrusted computer does not have access to a corresponding decryption key and is therefore unable to decrypt the sensitive information. The recipient computer is able to decrypt the encrypted sensitive information using a decryption key that it has access to and is thus able to gain access to the sensitive information without further communication with the trusted computer. This method has utility in payment transactions, particularly e-commerce transactions.

Abstract: A computer system includes a database, a communication interface, and a processor(s). The processor(s) is programmed to receive a consent message from a cardholder computing device. The consent message includes cardholder consent information indicating consent to one or more data services. The processor(s) is also programmed to receive transaction card details from the cardholder computing device. The transaction card details correspond to a transaction card of a cardholder and are associated with a financial account of the cardholder. Based on the transaction card details, the processor(s) generates a digital access token. The digital access token is associated with the financial account and the cardholder consent information. The processor(s) stores the digital access token in the database, transmits a cardholder authentication request message to an issuer, and receives an authentication ID from the cardholder computing device.

Abstract: A computer system includes a database, a communication interface, and a processor(s). The processor(s) is programmed to receive a consent message from a cardholder computing device. The consent message includes cardholder consent information indicating consent to one or more data services. The processor(s) is also programmed to decrypt transaction card details included in a secure request message. The transaction card details correspond to a transaction card of a cardholder and are associated with a financial account of the cardholder. Based on the transaction card details, the processor(s) generates a digital access token. The digital access token is associated with the financial account and the cardholder consent information. The processor(s) stores the digital access token in the database, transmits a cardholder authentication request message to an issuer, and receives an authentication ID from the cardholder computing device.

Abstract: A computer system includes a database, a communication interface, and a processor. The processor is programmed to receive a request message from an issuer computing device. The consent message includes a client ID and encrypted transaction card details for a transaction card account. The processor is also programmed to decrypt transaction card details. The processor is also programmed to match the client ID to the transaction card details using a BIN mapping table stored in the database. Based on the mapping, the processor generates an issuer access token. The issuer access token is associated with the transaction card account. The processor stores the issuer access token in the database and transmits the token to the issuer computing device.