Abstract: A method includes receiving a security profile comprising user-defined rules for processing sensitive data, and identifying a plurality of sensitive data components in a data file according to the security profile. The method further includes generating a respective format-preserving token for each of the identified plurality of sensitive data components. The method additionally includes generating a corresponding token key for each of the respective-format preserving tokens, and replacing each of the plurality of sensitive data components in the data file with the respective format-preserving token. Further, the method includes cryptographically camouflaging each of the token keys using a first password and storing each of the cryptographically camouflaged token keys.

Abstract: A method includes receiving a transaction authorization request for a transaction between a user and a transaction system. The method also determines the location of the transaction system based and receiving the location of an account holder device associated with the account. The method also determines whether an increased authorization level is required for the transaction based on the location of the transaction system and the location of the account holder device. If the increased authorization level is required for the transaction, the method includes transmitting an increased authorization inquiry to the transaction system and receiving a response to the increased authorization inquiry. The increased authorization inquiry may be associated with a predetermined response. The method determines whether to authorize the transaction based on the response by the user and the predetermined response to the increased authorization inquiry.

Abstract: According to an embodiment of the present disclosure, a method by a server includes receiving, by the server, a request to conduct a transaction between a merchant and a secondary device associated within an account. A request for a personal identification number (PIN) is transmitted to the secondary computing device. The PIN is received from the secondary computing device. The PIN and transaction information associated with the transaction is forwarded to a primary computing device registered with the account. Authorization to allow the secondary computing device to conduct the transaction is received from the primary computing device. Based on the authorization received from the primary computing device, the transaction between the secondary computing device and a merchant is authorized.

Abstract: According to an embodiment of the present disclosure, a method by a server includes receiving, by the server, a request to register a computing device for conducting transactions associated with an account. The server determines that a primary computing device is already registered as a first authorized device for conducting transactions associated with the account. A request to authorize the computing device as a second authorized device for conducting transactions associated with the account is transmitted to the primary computing device. Permission to register the computing device as the second authorized device is received from the primary computing device. The computing device is then registered as the second authorized device for conducting transactions associated with the account.

Abstract: A method includes receiving a security profile comprising user-defined rules for processing sensitive data, and identifying a plurality of sensitive data components in a data file according to the security profile. The method further includes generating a respective format-preserving token for each of the identified plurality of sensitive data components. The method additionally includes generating a corresponding token key for each of the respective-format preserving tokens, and replacing each of the plurality of sensitive data components in the data file with the respective format-preserving token. Further, the method includes cryptographically camouflaging each of the token keys using a first password and storing each of the cryptographically camouflaged token keys.

Abstract: Techniques are disclosed relating to generating tokens dynamically using payment keys. In some embodiments, a computer system may receive a transaction authorization request including a transaction token. The computer system may, in some embodiments, identify a transaction account number and a plurality of payment keys that were sent to a user device. Further, in some embodiments, the computer system may generate an authentication token that is usable to validate the transaction token.