CPC G06F 21/6209 (2013.01) [G06F 21/6227 (2013.01); H04L 9/0643 (2013.01)] | 20 Claims |
1. A computer-implemented method for in-memory tokenization by an application server, the method comprising:
transmitting, from the application server to a hardware security module, a request for an encryption key;
receiving, in response to the request and from the hardware security module, the encryption key;
receiving, from a client device, a tokenization request that includes a user object;
determining, by the application server, that the user object or a hash of the user object has not previously been stored in a multi-level cache in the application server, wherein the multi-level cache is an in-memory database in the application server;
generating, based on the determining that the user object or the hash of the user object has not previously been stored in the multi-level cache, a token, wherein the token is not based on information in the user object and wherein the token is generated based on information stored in the multi-level cache and the encryption key;
encrypting, by the application server, the user object using the encryption key to generate an encrypted user object; and
storing the encrypted user object and the token in the multi-level cache.
|