CNARE KEVIN S (US)
PLATT JR PATRICK M (US)
| WO2012091350A2 | 2012-07-05 | |||
| WO2012091349A2 | 2012-07-05 | |||
| WO2013056104A1 | 2013-04-18 | |||
| WO2002073864A2 | 2002-09-19 |
| US20070198438A1 | 2007-08-23 | |||
| US20100130164A1 | 2010-05-27 | |||
| US20120101951A1 | 2012-04-26 | |||
| KR20110062620A | 2011-06-10 | |||
| US20100291904A1 | 2010-11-18 | |||
| US20070130252A1 | 2007-06-07 |
| WHAT IS CLAIMED IS: 1. A method for processing a request relating to a mobile device, the method comprising steps of: receiving, from a partner system via a communication network, a request including a mobile device identifier and a partner system identifier corresponding to the partner system; executing an authorization procedure based on the mobile device identifier and the partner system identifier, wherein the step of executing the authorization procedure includes steps of: determining whether a partner system account list, associated with the mobile device identifier, includes the partner system identifier; granting authorization of the request, if the partner system account list includes the partner system identifier; denying authorization of the request, if the partner system account list does not include the partner system identifier; and transmitting, to the partner system via the communication network, a response to the request, based on a result of the executing step. 2. The method of claim 1, wherein the step of receiving the request includes receiving the request from the partner system by way of a portal and a gateway, and wherein the method further comprises steps of: authenticating the partner system at the gateway; and appending the partner system identifier to the request at the gateway. 3. The method of claim 2, wherein the request further includes an agent identifier, and wherein the portal includes a graphical user interface (GUI) that enables the partner system to generate a predetermined set of requests based on a predetermined access level associated with the partner system and the agent identifier. 4. The method of claim 1, wherein the request is a request for consumer data relating to a mobile wallet associated with the mobile device identifier, the consumer data including any one or a combination of: a consumer profile, wallet information, wallet event history, service account information, service account history, and service account event status. 5. The method of claim 4, wherein, if the authorization of the request is granted, the method further comprises steps of: retrieving the consumer data from a wallet server; and including the consumer data in the response. 6. The method of claim 1, wherein the request is a request for performance of an operation relating to a mobile wallet associated with the mobile device identifier, the operation including any one or a combination of: updating a service account state, updating a mobile wallet state, resetting a password, and resetting a security question and answer. 7. The method of claim 6, wherein, if the authorization of the request is granted, the method further comprises a step of performing the operation by transmitting one or more commands to the mobile wallet. 8. A system for processing a request relating to a mobile device, the system comprising: a processor; and at least one memory accessible by the processor and storing at least one of: computer code executable by the computer processor, and data used by the computer code, wherein the computer code includes: a receiving module that receives, from a partner system via a communication network, a request including a mobile device identifier and a partner system identifier corresponding to the partner system, an execution module that executes an authorization procedure based on the mobile device identifier and the partner system identifier, wherein the authorization procedure includes: determining whether a partner system account list, associated with the mobile device identifier, includes the partner system identifier, granting authorization of the request, if the partner system account list includes the partner system identifier, and denying authorization of the request, if the partner system account list does not include the partner system identifier, and a transmitting module that transmits, to the partner system via the communication network, a response to the request, based on a result of the authorization procedure executed by the executing module. 9. The system of claim 8, wherein the receiving module receives the request from the partner system by way of a portal and a gateway, and wherein the computer code further includes: an authentication module that authenticates the partner system at the gateway; and an appending module that appends the partner system identifier to the request at the gateway. 10. The system of claim 9, wherein the request further includes an agent identifier, and wherein the portal includes a graphical user interface (GUI) that enables the partner system to generate a predetermined set of requests based on a predetermined access level associated with the partner system and the agent identifier. 11. The system of claim 8, wherein the request is a request for consumer data relating to a mobile wallet associated with the mobile device identifier, the consumer data including any one or a combination of: a consumer profile, wallet information, wallet event history, service account information, service account history, and service account event status. 12. The system of claim 11, wherein the computer code further includes: a retrieval module that, if the authorization of the request is granted, retrieves the consumer data from a wallet server; and an inclusion module that, if the authorization of the request is granted, includes the consumer data in the response. 13. The system of claim 8, wherein the request is a request for performance of an operation relating to a mobile wallet associated with the mobile device identifier, the operation including any one or a combination of: updating a service account state, updating a mobile wallet state, resetting a password, and resetting a security question and answer. 14. The system of claim 13, wherein the computer code further includes: a performance module that, if the authorization of the request is granted, performs the operation by transmitting one or more commands to the mobile wallet. 15. A non-transitory computer -readable medium having stored thereon sequences of instructions that, when executed by a computer processor, cause the computer processor to: receive, from a partner system via a communication network, a request including a mobile device identifier and a partner system identifier corresponding to the partner system; execute an authorization procedure based on the mobile device identifier and the partner system identifier, wherein the authorization procedure includes: determining whether a partner system account list, associated with the mobile device identifier, includes the partner system identifier, granting authorization of the request, if the partner system account list includes the partner system identifier, and denying authorization of the request, if the partner system account list does not include the partner system identifier; and transmit, to the partner system via the communication network, a response to the request, based on a result of the executing of the authentication procedure. 16. The non-transitory computer-readable medium of claim 15, wherein the receiving of the request includes receiving the request from the partner system by way of a portal and a gateway, and wherein the sequences of instructions, when executed by the computer processor, further cause the computer processor to: authenticate the partner system at the gateway; and append the partner system identifier to the request at the gateway. 17. The non-transitory computer-readable medium of claim 16, wherein the request further includes an agent identifier, and wherein the portal includes a graphical user interface (GUI) that enables the partner system to generate a predetermined set of requests based on a predetermined access level associated with the partner system and the agent identifier. 18. The non-transitory computer-readable medium of claim 15, wherein the request is a request for consumer data relating to a mobile device associated with the mobile wallet identifier, the consumer data including any one or a combination of: a consumer profile, wallet information, wallet event history, service account information, service account history, and service account event status. 19. The non-transitory computer-readable medium of claim 18, wherein the sequences of instructions, when executed by the computer processor, further cause the computer processor to: retrieve the consumer data from a wallet server, if the authorization of the request is granted; and include the consumer data in the response, if the authorization of the request is granted. 20. The non-transitory computer-readable medium of claim 15, wherein the request is a request for performance of an operation relating to a mobile wallet associated with the mobile device identifier, the operation including any one or a combination of: updating a service account state, updating a mobile wallet state, resetting a password, and resetting a security question and answer. |
PRODUCTS FOR PROCESSING A REQUEST RELATING TO A MOBILE COMMUNICATION DEVICE
BACKGROUND
Field
[0001] Example aspects described herein relate generally to mobile communication devices, and more particularly to systems, methods, and computer program products for processing requests relating to mobile communication devices.
Related Art
[0002] Mobile communication devices (also referred to herein as mobile devices) are becoming more and more versatile, and are being used in an increasing number of ways to make various everyday tasks simpler and/or more efficient. For example, mobile devices are being made to include mobile applications, such as mobile wallets, which may be used to conduct financial transactions (e.g. , payments) and/or non-financial transactions (e.g. , venue admissions), without the need for physical cash, checks, credit cards, tickets, and/or the like.
[0003] In order to enable consumer care systems and/or agents to provide consumer care to mobile device users, e.g. , when issues arise relating to mobile devices and/or mobile applications stored thereon, it would be beneficial to provide the consumer care systems and/or agents with access to information relating to mobile devices or applications, and/or enable the agents to perform various operations relating to mobile devices or applications. However, because information relating to mobile devices or applications can be sensitive or confidential, access to such information and to operations relating to mobile devices or applications must be restricted for security and privacy reasons.
[0004] Given the foregoing, it would be beneficial to safeguard information relating to mobile communication devices and restrict access to operations relating to mobile communication devices, while also providing consumer care systems and/or agents with a level of access to such information and/or operations that is sufficient for consumer care purposes.
[0005] One technical challenge in doing so lies in the processing of mobile communication device information and/or operation requests that are received from different entities (e.g. , a mobile wallet provider, external partners, such as payment product issuers (also referred to herein as "issuers") and/or mobile network operators (MNOs), and/or the like) and/or personnel that may provide consumer care in connection with mobile communication devices. Moreover, different levels of access may be appropriate for specific levels of personnel (e.g. , consumer care agents) within a particular entity.
SUMMARY
[0006] The example embodiments herein provide systems, methods, and computer program products for processing a request relating to a mobile communication device. The request, in some example embodiments herein, may relate to a mobile application, such as a mobile wallet, stored on the mobile communication device.
[0007] In accordance with one example aspect herein, a request, including a mobile device identifier and a partner system identifier corresponding to the partner system, is received from a partner system via a communication network. An authorization procedure is executed based on the mobile device identifier and the partner system identifier. The authorization procedure includes determining whether a partner system account list, associated with the mobile device identifier, includes the partner system identifier. Authorization of the request is granted if the partner system account list includes the partner system identifier; and is denied if the partner system account list does not include the partner system identifier. A response to the request is transmitted to the partner system via the communication network, based on a result of the authorization procedure.
[0008] In another example embodiment, the step of receiving the request includes receiving the request from the partner system by way of a portal and a gateway, and the method further comprises steps of: (1) authenticating the partner system at the gateway; and (2) appending the partner system identifier to the request at the gateway.
[0009] In one example herein, the request further includes an agent identifier, and the portal includes a graphical user interface (GUI) that enables the partner system to generate a predetermined set of requests based on a predetermined access level associated with the partner system and the agent identifier. [0010] In accordance with some example aspects herein, the request is a request for consumer data relating to a mobile wallet associated with the mobile device identifier, the consumer data including any one or a combination of: (1) a consumer profile, (2) wallet information, (3) wallet event history, (4) service account information, (5) service account history, and (6) service account event status.
[0011] If the authorization of the request is granted, in one example, the method further comprises steps of: (1) retrieving the consumer data from a wallet server; and (2) including the consumer data in the response.
[0012] In another example herein, the request is a request for performance of an operation relating to a mobile wallet associated with the mobile device identifier, and the operation includes any one or a combination of: (1) updating a service account state, (2) updating a mobile wallet state, (3) resetting a password, and (4) resetting a security question and answer.
[0013] If the authorization of the request is granted, the method further comprises a step of performing the operation by transmitting one or more commands to the mobile wallet, in accordance with another example herein.
BRIEF DESCRIPTION OF THE DRAWINGS
[0014] The features and advantages of the example embodiments presented herein will become more apparent from the detailed description set forth below when taken in conjunction with the following drawings.
[0015] FIG. 1 is a diagram of an example system for processing a request relating to a mobile device, in accordance with various example embodiments herein.
[0016] FIG. 2 shows an example procedure for processing a request relating to a mobile device, in accordance with an example embodiment herein.
[0017] FIG. 3 shows an example procedure for authorizing a request relating to a mobile device, in accordance with an example embodiment herein.
[0018] FIG. 4 shows an example procedure for processing a request for consumer profile information relating to a mobile wallet, in accordance with an example embodiment herein.
[0019] FIG. 5 shows an example procedure for processing a request for mobile wallet information, in accordance with an example embodiment herein.
[0020] FIG. 6 shows an example procedure for processing a request for wallet event history relating to a mobile wallet, in accordance with an example embodiment herein.
[0021] FIG. 7 shows an example procedure for processing a request for status regarding executions of predetermined processing workflows relating to a mobile wallet, in accordance with an example embodiment herein.
[0022] FIG. 8 shows an example procedure for processing a request to update a mobile wallet state, in accordance with an example embodiment herein.
[0023] FIG. 9 shows an example procedure for processing a request to reset a password relating to a mobile wallet, in accordance with an example embodiment herein. [0024] FIG. 10 shows an example procedure for processing a request to reset a security question and answer relating to a mobile wallet, in accordance with an example embodiment herein.
[0025] FIG. 11 shows an example procedure for authorizing a request relating to a mobile device, in accordance with an example embodiment herein.
[0026] FIG. 12 shows an example procedure for processing a request for consumer profile information relating to a mobile wallet, in accordance with an example embodiment herein.
[0027] FIG. 13 shows an example procedure for processing a request for mobile wallet information, in accordance with an example embodiment herein.
[0028] FIG. 14 shows an example procedure for processing a request for service account information relating to a mobile wallet, in accordance with an example embodiment herein.
[0029] FIG. 15 shows an example procedure for processing a request for wallet event history relating to a mobile wallet, in accordance with an example embodiment herein.
[0030] FIG. 16 shows an example procedure for processing a request for service account history relating to a mobile wallet, in accordance with an example embodiment herein.
[0031] FIG. 17 shows an example procedure for processing a request for service account event status relating to a mobile wallet, in accordance with an example embodiment herein.
[0032] FIG. 18 shows an example procedure for processing a request to update a service account state, in accordance with an example embodiment herein.
[0033] FIG. 19 is a block diagram of a general and/or special purpose computer that may be employed in accordance with various example embodiments herein.
DETAILED DESCRIPTION
I. Overview
[0034] The terms "payment product" and "card" may be used interchangeably herein to refer to a product, such as a credit card, a general purpose reloadable (GPR) card, and/or the like, that may be used to conduct financial transactions.
[0035] The term "service provider data" as used herein generally refers to data relating to one or more service providers, service provider systems, and/or services provided by one or more service providers. In some example embodiments herein, service provider data refers to any data associated with a service provider that is stored in a wallet database and/or in a wallet client database.
[0036] The term "wallet instance" as used herein generally refers to one instance of a wallet, mobile wallet, and/or mobile wallet application that is deployed and/or stored on a mobile device.
[0037] Presented herein are novel and inventive systems, methods, and computer program products for processing a request relating to a mobile communication device. The request, in some examples herein, may relate to a mobile application, such as a mobile wallet (which may also be referred to as a "mobile wallet client" or a "wallet client"), stored on the mobile communication device. In accordance with some aspects described herein, systems, methods, and computer program products are provided that enable the safeguarding of information relating to mobile communication devices and the restriction of access to operations relating to mobile communication devices, while also providing consumer care systems and/or agents with a level of access to such information and/or operations that is sufficient for consumer care purposes.
[0038] Some example aspects described herein facilitate the processing of mobile wallet information and/or operation requests that are received from systems managed by different entities (e.g. , a mobile wallet provider, external partners, such as payment product issuers and/or mobile network operators (MNOs), and/or the like) and/or personnel managing those systems who may provide consumer care in connection with mobile wallets. Different levels of access may be provided for specific levels of personnel (e.g. , consumer care agents) within a particular entity, in accordance with some example aspects herein.
II. System
[0039] FIG. 1 is a diagram of an example system 100 for processing a request relating to a mobile device, in accordance with various example aspects herein. The system 100 includes an enterprise service bus (ESB) 101, a wallet server 104 (which may also be referred to as a "mobile wallet server" or a "server"), a gateway 105, portals 106-1, 106-2, and 106-3 (individually and/or collectively referenced as "106"), a network 107, and one or more external partner system(s) 108.
[0040] The ESB 101 is communicatively coupled to the wallet server 104 by any suitable communication channel. In some example embodiments, the ESB 101 is communicatively coupled to the wallet server 104 by way of a direct connection, a proprietary network, a private network, a virtual private network (VPN), a network employing Hypertext Transfer Protocol (HTTP) standards, the Internet, and/or another type of network. The ESB 101, in another example, is communicatively coupled to the wallet server 104 via a secured communication channel.
[0041] The gateway 105 communicatively couples the ESB 101 to the one or more portal(s) 106 and to the external partner system(s) 108 by way of the network 107. The network 107 may be a mobile phone cellular network, a radio network, a proprietary network, a private network, a VPN, a network employing HTTP standards, the Internet, and/or another type of network.
[0042] The portals 106 are systems including interfaces, such as graphical user interfaces (GUIs), that enable a system and/or user (e.g., a consumer care agent of an entity (e.g. , an MNO, an issuer, or another entity) associated with a mobile wallet account) to log into a partner care account and generate certain requests relating to mobile wallet accounts associated with the entity. In one example embodiment, the GUI of each portal 106 enables the corresponding partner system to generate a predetermined set of requests based on a predetermined access level associated with the particular partner system and an agent identifier that uniquely identifies the user logged into the GUI of the portal 106. The requests that can be generated by way of the portals 106 include (1) requests for information stored in the wallet server 104 and associated with mobile wallets, and/or (2) requests for execution of operations relating to such mobile wallets.
[0043] In one example embodiment herein, the wallet server 104 stores numerous types of information relating to each of a plurality of mobile wallet accounts provided by a mobile wallet provider. For instance, the wallet server 104 stores, for each mobile wallet account, (1) a consumer profile, (2) wallet information, (3) wallet event history, (4) service account information, (5) service account history, and (6) service account event status. Although not shown in FIG. 1 for purposes of convenience, in some example embodiments the wallet server 104 may include, or be communicatively coupled to, a wallet database that stores information on behalf of the wallet server 104.
[0044] The wallet server 104 also is configured to execute numerous types of operations relating to mobile wallet accounts. For instance, the wallet server 104 is configured to execute, for each mobile wallet account, (1) an update of a service account state, (2) an update of a mobile wallet state, (3) a reset of a password, and (4) a reset of a security question and answer.
[0045] As will be described in further detail below, in accordance with various example aspects herein, the ESB 101 acts as an intermediary between the portals 106 and the wallet server 104. In one example embodiment herein, the ESB 101 represents a central ESB managed by a mobile wallet provider. In particular, the ESB 101 processes requests received from the one or more portals 106 relating to mobile wallets that have information stored in the wallet server 104, and orchestrates procedures among such systems, for example, to provide integrated access to information and/or operations relating to such mobile wallets. In some example embodiments, the system 100 does not include the ESB 101 and the functions implemented by the ESB 101 are implemented by the wallet server 104 instead, or by any other interconnected system (e.g. , a trusted service manager) programmed to execute such functionality.
[0046] As shown in FIG. 1, the ESB 101 includes an ESB proxy service 102 and an ESB task/utility service 103 (which may also be referred to herein as an "ESB task service"). The ESB proxy service 102 acts as an intermediary for requests received, by way of the network 107 and the gateway 105, from external systems (e.g. , the portals 106 and/or the external partner system(s) 108) seeking resources (e.g. , mobile -wallet-related information and/or operations) from the wallet server 104.
[0047] As described in further detail below, upon receiving such a request, the gateway 105 executes an authentication procedure to authenticate the system from which the request originated (e.g. , the portals 106 or the external partner system 108, also referred to herein as the "requestor" or the "requesting system"). In some example aspects herein, after authenticating the requesting system, the gateway 105 appends and/or adds to the request a partner system identifier that uniquely identifies the entity with which the requesting system is associated. After the requestor has been authenticated, the gateway 105 forwards the request to the ESB proxy service 102.
[0048] Upon receiving the request from the gateway 105, the ESB proxy service 102 cooperates with the ESB task service 103 to execute an authorization procedure for the request and/or further process the request. In particular, the proxy service 102 forwards the request, and/or instructions that the proxy service 102 prepares based on the request, to the ESB task service 103 for further processing. Upon receiving a request and/or other instructions from the proxy service 102, the ESB task service 103 executes one or more tasks (e.g. , an authorization procedure, the retrieval and transmission of mobile -wallet-related information from the wallet server 104 to the partner system, the execution of a mobile -wallet-related operation) based on the request and/or the other instructions.
[0049] In some example embodiments, the external partner system(s) 108 are systems owned, operated, maintained, and/or provided by external partners (e.g. , service providers, MNOs, payment product issuers, and/or the like) with which the ESB 101 interacts to execute operations (e.g. , suspension of a mobile wallet account, and/or the like) requested by a partner system relating to one or more mobile wallet accounts associated with the partner system.
III. Procedure
[0050] Having described an example system 100 for processing a request relating to a mobile device, reference will now be made to FIG. 2 to describe an example procedure 200 for processing a request relating to a mobile device, in accordance with an example embodiment herein.
[0051] At step 201, the gateway 105 receives, from one of the portals 106 associated with a corresponding partner system by way of the network 107, a request relating to a mobile device. As described in further detail below, depending on the type of request, the request may include various types of data elements. In one example embodiment, the request includes a mobile device identifier and a partner system identifier corresponding to the partner system.
[0052] In another example embodiment, the request also includes an agent identifier identifying the user (e.g. , a consumer agent) of the partner system and/or identifying a predetermined access level associated with the portal 106, the corresponding partner system, and/or the user. The portal 106 includes a graphical user interface (GUI) that enables the user to generate a predetermined set of requests based on a predetermined access level associated with the partner system and the agent identifier.
[0053] The request may be for consumer data relating to a mobile wallet associated with the mobile device identifier, and the consumer data may include any one or a combination of: (1) a consumer profile, (2) wallet information, (3) wallet event history, (4) service account information, (5) service account history, and (6) service account event status.
[0054] The request may also or alternatively be for performance of an operation relating to a mobile wallet associated with the mobile device identifier. The operation may include any one or a combination of: (1) updating a service account state, (2) updating a mobile wallet state,
(3) resetting a password, and (4) resetting a security question and answer.
[0055] At step 202, the gateway 105 executes an authentication procedure (e.g. , in a known manner by employing standard HTTP authentication certificates and/or a secure sockets layer
(SSL) protocol) to authenticate the partner system associated with the portal 106.
[0056] At step 203, a determination is made as to whether the partner system associated with the portal 106 was successfully authenticated by the authentication procedure executed at step 202. If the partner system associated with the portal 106 is not successfully authenticated by the authentication procedure executed at step 202 ("No" at step 203), then control passes to step 208 (described below) to transmit a response to the portal 106 indicating that the corresponding partner system was not successfully authenticated.
[0057] If, on the other hand, the partner system associated with the portal 106 is successfully authenticated by the authentication procedure executed at step 202 ("Yes" at step 203), then control passes to step 204. At step 204, the gateway 105 appends and/or adds to the request a partner system identifier that uniquely identifies the partner system from which the request originated. The gateway 105 then forwards the request to the ESB 101 for further processing.
[0058] At step 205, the ESB 101 executes an authorization procedure based on the mobile device identifier and the partner system identifier. Example authentication procedures that may be executed at step 205 are described in further detail below in connection with FIGS. 3 and 1 1. In general, however, the step of executing the authorization procedure may include steps of:
(1) determining whether a partner system account list, associated with the mobile device identifier, includes the partner system identifier; (2) granting authorization of the request, if the partner system account list includes the partner system identifier; and (3) denying authorization of the request, if the partner system account list does not include the partner system identifier.
[0059] At step 206, a determination is made as to whether authorization of the request has been granted at step 205. If authorization of the request has not been granted at step 205 ("No" at step 206), then control passes to step 208 (described below) to transmit a response to the portal 106 indicating that the request has not been authorized.
[0060] If, on the other hand, authorization of the request has been granted at step 205 ("Yes" at step 206), then control passes to step 207. At step 207, the ESB 101 and/or the wallet server 104 cooperate to fulfill the request by (1) retrieving the requested information from the wallet server 104 and/or (2) executing the requested operation (e.g. , by transmitting one or more commands to a corresponding mobile wallet). At step 208, the ESB 101 transmits, to the portal 106 via the communication network, a response to the request (e.g. , including the requested information and/or indicating whether or not the requested operation has been executed successfully).
A. Overview of Requests
[0061] As discussed above, various types of requests may be received by the ESB 101 from the portals 106 by way of the network 107 and the gateway 105. Various aspects of such requests will be described in further detail below. In general, the request may be a request for consumer data relating to a mobile device associated with a mobile wallet identifier included in the request. Alternatively, the request may be a request for performance of an operation relating to the mobile wallet associated with the mobile device identifier included in the request.
[0062] Depending on the type of request and/or on the type of entity from which the request originates, the request may include different types of messages, data elements, and/or may be communicated via different data flows. As described below in further detail, in one example embodiment, different types of messages, data elements, and data flows are employed for requests that originate from portals 106 associated with MNOs than for requests that originate from portals 106 associated with issuers. B. Mobile Network Operators
[0063] Reference will now be made to FIGS. 3 through 10 to describe various aspects of messages, data elements, and/or data flows that may be employed in connection with requests that originate from a portal 106 associated with an MNO, in accordance with various example embodiments herein.
1. Message Structure
[0064] In one example, a request that originates from a portal 106 associated with an MNO includes three components: a message header, a customer proprietary network information (CPNI) header, and a message body. An example set of data elements that may be included in the message header are described below in Table 1.
Table 1
Element Description Required Multiplicity Data Type
Reference ID A unique message Optional 1 String identifier (UUID) for (256) each message generated
by the calling client.
Used for tracking
purposes. Same reference
ID will be provided back
to the synchronous
response and also
asynchronous call back
response.
Transaction ID This is a unique message Optional 1 String identifier (UUID) for (256) each message generated
in ESB Layer. Also
called GUID in Oracle
ESB terms.
Originator ID Originator who creates Optional 1 String
(also referred to as message; in some cases (32) a "partner system may be appended/added
identifier") to request by gateway
105.
DateTime Stamp Date and time when the Optional 1 DateTime message is invoked.
Provided by calling
client. [0065] An example set of data elements that may be included in the CPNI header are described below in Table 2.
Table 2
2. Authorization Procedure
[0066] Having described an example procedure 200 for processing a request relating to a mobile device, reference will now be made to FIG. 3 to describe an example procedure 300 for authorizing a mobile wallet-related request that originates from a portal 106 associated with an MNO, in accordance with an example embodiment herein. In one example embodiment, the procedure 300 further represents the procedure described above in connection with step 206 of FIG. 2.
[0067] Although not shown in FIG. 3 for purposes of convenience, prior to step 301, the ESB proxy service 102 extracts a value of a consumer MDN (also referred to as a "mobile device identifier", described above in Table 2) from the CPNI header, and extracts a value of an originator ID (also referred to as a "partner system identifier", described above in Table 1) from the message header.
[0068] At step 301, the ESB proxy service 102 transmits an authorization request message to the ESB task service 103. This causes the ESB task service 103 to communicate, at step 302, a getlnfo message, including the consumer MDN, to the wallet server 104 to retrieve a partner system account list associated with the mobile device identifier.
[0069] At step 303, the wallet server 104 communicates a response to the ESB task service 103 including the partner system account list associated with the mobile device identifier.
[0070] At step 304, the ESB task service 103 determines whether the partner system account list associated with the mobile device identifier includes the partner system identifier that was extracted from the message header. If the partner system account list associated with the mobile device identifier includes the partner system identifier that was extracted from the message header, then the ESB task service 103 grants authorization of the request. If, on the other hand, the partner system account list associated with the mobile device identifier does not include the partner system identifier that was extracted from the message header, then the ESB task service 103 denies authorization of the request. In this way, each MNO entity is limited to accessing only data and/or operations relating to that particular MNO entity, and is prevented from accessing data and/or operations relating to other MNO entities.
[0071] At step 305, the ESB task service 103 communicates a response to the ESB proxy service 102 (and, in some example embodiments, to the gateway 105 and/or the portal 106), indicating whether authorization of the request has been granted or denied.
3. Requests
[0072] Having described an example procedure 300 for authorizing a request relating to a mobile device, reference will now be made to FIGS. 4 through 10 to describe example types of requests, message flows/service invocations, messages, and message parameters, in accordance with various example embodiments herein relating to MNOs.
a. Request for Consumer Profile Information
[0073] FIG. 4 shows an example procedure 400 for processing a request for consumer profile information relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 400 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve information, such as a user ID and/or user name, from the wallet server 104.
[0074] At step 401, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get consumer profile message), including, for example, the data element described below in Table 3.
Table 3
[0075] At step 402, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[0076] If authorization of the request is denied at step 402, then at step 403, the ESB proxy service 102 communicates a message (e.g. , a not-authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[0077] If, on the other hand, authorization of the request is granted at step 402, then at step 404, the ESB proxy service 102 communicates a message (e.g. , a get consumer profile message) to the ESB task service 103.
[0078] At step 405, the ESB task service 103 communicates the message to the wallet server 104 to request consumer profile information relating to a particular mobile wallet.
[0079] At step 406, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 407). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 408). An example set of data elements that may be included in the response is described below in Table 4. Table 4
[0080] Although not shown in FIG. 4 for purposes of convenience, in some example embodiments herein, the ESB 101 (e.g. , the ESB proxy service 102 and/or the ESB task service 103) filters data elements that are included in the response communicated from the wallet server 104 at step 406, for example, to meet requirements of the request communicated at step 401. The filtering may be performed based on, for example, one or more requirements of the request, a predetermined access level associated with a partner system from which the request originated, an agent identifier associated with the request, and/or any other suitable criteria. The response 408 provided by the ESB 101 can include, for instance, all the data elements included in the response communicated at step 406 or only a subset of the data elements included in the response communicated at step 406, the subset having been determined as a result of the filtering.
Likewise, the ESB 101 can perform such filtering of other responses (e.g. , responses 506, 606, 706, 806, 906, 1006, 1 107, 1206, 1306, 1406, 1506, 1606, 1706, and/or 1806 described below in connection with FIGS. 5 through 18, respectively, although not explicitly shown in FIGS. 5 through 18 for purposes of convenience).
[0081] An example set of data elements that may be included in the response element shown in Table 4 is described below in Table 5.
Table 5
Element Description Required Multiplicity Data Type
ResponseCode This sub-element Required 1 Restricted specifies the
SUCCESS (0) or
FAILURE (1) of
the operation.
ServiceDetails Specifies the Required 1 Container service
information such
as service name,
operation name
and version
number.
InstancelD Specifies ESB Required 1 String(256)
Process Instance
ID.
TransactionID Specifies ESB Required 1 String(256) generated Unique
Identifier for a
specific
transaction.
Time stamp Specifies time of Required 1 DateTime the response.
Error The Error element Optional O to 10 Container is of type
ErrorType which
contains the
structure of
Error/Exception
occurrences during
the execution of
Operation.
[0082] An example set of data elements that may be included in the ServiceDetails element shown in Table 5 is described below in Table 6.
Table 6
Element Description Required Multiplicity Data Type
ServiceName Specifies the Required 1 String(32) name of the
service.
OperationName Specifies the Required 1 String(32) name of the
operation within a
service.
Version Specifies the Required 1 String(32) version of the
service.
[0083] An example set of data elements that may be included in the Error element shown in Table 5 is described below in Table 7.
Table 7
[0084] An example set of data elements that may be included in the ConsumerProfile element shown in Table 4 is described below in Table 8.
Table 8
Element Description Required MultiData Type plicity
Security AnswerAvailable Indicates whether user Required 1 BooleanType has set up security
question/answer ; the
default value is 'false'.
Personallnfo This sub-element Optional 1 Container specifies the structure
of personal Info.
ConsumerStatus Status of the Optional 1 Restrict consumer. Defined
statuses include:
ACTIVE, INACTIVE,
LOCKED,
SUSPENDED.
ConsumerCreationDate Date Timestamp when Optional 1 DateTime consumer record is
created.
[0085] An example set of data elements that may be included in the Personallnfo element shown in Table 8 is described below in Table 9.
Table 9
[0087] A data element that may be included in the Contactlnfo element shown in Table 9 is described below in Table 11.
Table 11 Element Description Required MultiData Type plicity
EmaillD Email address - this is Optional 1 Restricted the email ID used for
wallet activation, it
will return as part of
the response for an
existing consumer. b. Request for Mobile Wallet Information
[0088] FIG. 5 shows an example procedure 500 for processing a request for mobile wallet information, in accordance with an example embodiment herein. In one example embodiment, procedure 500 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 information relating to a mobile wallet, such as a handset profile and/or a number of payment cards associated with the mobile wallet.
[0089] At step 501, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get wallet info, message), including, for example, the data element described below in
Table 12.
Table 12
[0090] At step 502, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[0091] If authorization of the request is denied at step 502, then at step 503, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[0092] If, on the other hand, authorization of the request is granted at step 502, then at step 504, the ESB proxy service 102 communicates a message (e.g. , a get wallet info, message) to the ESB task service 103.
[0093] At step 505, the ESB task service 103 communicates the message to the wallet server 104 to request consumer profile information relating to a particular mobile wallet.
[0094] At step 506, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 507). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 508). An example set of data elements that may be included in the response is described below in Table 13. Table 13
[0096] An example data element that may be included in the Walletlnstance element shown in Table 14 is described below in Table 15.
Table 15
Element Description Required MultiData Type plicity
WalletState Indicates the Required 1 String (32) current status of
the wallet
instance.
WalletStateReasonCode Describes the Required 1 String reasons that
land the wallet
in its current
state.
WalletCreationDate Date timestamp Optional 1 DateTime that the wallet
instance is
created. Equates
to the date that
the customer
activates his/her
wallet.
WalletClientVersion Version number Required 1 String (10) of the wallet
client app.
WalletStateUpdatelnitiator Who is Optional 1 String responsible for
the last state of
the wallet.
[0097] An example set of data elements that may be included in the HandSet element shown in Table 14 is described below in Table 16.
Table 16
Element Description Required MultiData Type plicity
HandsetID This sub- Required 1 Container element contains
choices of
handset ID.
HandsetProfile This sub- Required 1 Container element contains
aspects of
handset profile.
HandsetState Indicates the Required 1 Restricted current state of String (16) the handset.
MobileDeviceNumber The phone Required 1 Restricted number String (10) associated to
this handset.
MobileNetworkOperator This sub- Required 1 Container (MNO) element contains
MNO-related
info.
[0098] An example set of data elements that may be included in the HandSetID element shown in Table 16 is described below in Table 17.
Table 17
Element Description Required MultiData Type plicity
IMEI The International Required 0...1 String (15)
Mobile Equipment while other
Identity or IMEI is options not
a number, usually given
unique, to identify
global system for
mobile
communications
(GSM), wideband
code division
multiple access
(WCDMA), and
integrated digital
enhanced network
(iDEN) mobile
phones, as well as
some satellite
phones. It is
usually found
printed inside the
battery
compartment of the
phone.
MEID Mobile Equipment Required 0...1 String (14)
Identifier (MEID) while other
is a globally unique options not number identifying given
a physical piece of
code division
multiple access
(CDMA) mobile
station equipment.
MACAddress A unique identifier Required 0...1 String (12) assigned to while other
network interfaces options not
for given
communications on
the physical
network segment.
[0099] An example set of data elements that may be included in the HandsetProfile element shown in Table 16 is described below in Table 18.
Table 18
Element Description Required Multiplicity Data Type
ModelNumber Model number Required 1 String (64) associated with
the handset.
HandsetManufacturer This sub- Required 1 Container element
contains
manufacturer
details of the
handset.
ModelName Name of the Required 1 String (64) handset model.
OSPlatform Name of the Optional 1 String operation
system
platform.
OSVersion Version of the Optional 1 String (32) operation
system
platform.
DeviceSoftwareClass This is the Optional 1 String (32) device software
class of the
handset.
[00100] An example set of data elements that may be included in the HandsetManufacturer element shown in Table 18 is described below in Table 19.
Table 19
Element Description Required Multiplicity Data Type
ManufacturerlD Manufacturer Required 1 String (32)
ID of the
handset.
ManufacturerName Name of the Optional 1 String (32) handset
manufacturer.
ManufacturerDescription Description of Optional 1 String (256) the
manufacturer.
[00101] An example set of data elements that may be included in the MobileNetworkOperator (MNO) element shown in Table 16 is described below in Table 20.
Table 20
Element Description Required Multiplicity Data Type
MobileNetworkOperatorlD Unique Required 1 Restricted
Identifier for String (16) the Mobile
Network
Operator;
Valid values,
e.g.: MNOl,
MN02,
MN03.
MobileNetworkOperator MNO name. Required 1 String (16) Name
MobileNetworkOperator MNO Optional 1 String (256) Description description.
MobileNetworkOperator MNO contact Optional 1 String (16) ContactNumber number. [00102] An example data element that may be included in the ServiceAccount element shown in Table 14 is described below in Table 21.
Table 21
c. Request for Wallet Event History
[00103] FIG. 6 shows an example procedure 600 for processing a request for wallet event history relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 600 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 wallet event history information, such as an event date or an event source.
[00104] At step 601, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get wallet event history message), including, for example, the data elements described below in Table 22.
Table 22
Element Description Required Multiplicity Data Type
MobileDeviceNumber Unique Required 1 Restricted consumer String(lO) identifier.
StartFrom Index to specify Required 1 Integer from where to
get history
event. The
value needs to
be > 0.
Size Size of history Required 1 Integer event to be
returned; the
value depends
on pagination
practice at the
presentation
layer. It cannot
exceed 100 based on the
upper bound
number defined
in wallet event
history list.
[00105] At step 602, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[00106] If authorization of the request is denied at step 602, then at step 603, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00107] If, on the other hand, authorization of the request is granted at step 602, then at step 604, the ESB proxy service 102 communicates a message (e.g. , a get wallet event history message) to the ESB task service 103.
[00108] At step 605, the ESB task service 103 communicates the message (e.g. , the get wallet event history message) to the wallet server 104 to request wallet event history information relating to a particular mobile wallet.
[00109] At step 606, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 607). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 608). An example set of data elements that may be included in the response is described below in Table 23.
Table 23
Element Description Required Multiplicity Data Type
Response This sub-element Required 1 Container specifies the
structure for
generic ESB
response.
TotalCount The total count Optional 1 Integer of wallet event
history records.
Startlndex Where to start Optional 1 Integer the records.
Endlndex Where to end the Optional 1 Integer records.
WalletEventHistory List of wallet Optional 0 to 100 Container event history. [00110] An example set of data elements that may be included in the WalletEventHistory element shown in Table 23 is described below in Table 24.
Table 24
d. Request for Predetermined Processing Workflow Execution Status
[00111] FIG. 7 shows an example procedure 700 for processing a request for status regarding executions of predetermined processing workflows relating to a mobile wallet, in accordance with an example embodiment herein. A predetermined processing workflow (also referred to as an ICE cube), in one example, can be executed for one or more mobile devices, and can include instructions that cause one or more systems to perform multiple steps (e.g. , by executing specific functions) in succession. In one example embodiment, procedure 700 enables a partner system, such as for example, elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 overall aggregated status from all executions of predetermined processing workflows for a particular mobile device number (associated with a mobile wallet).
[00112] At step 701, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get ICE cube status message), including, for example, the data element described below in
Table 25.
Table 25
[00113] At step 702, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3. [00114] If authorization of the request is denied at step 702, then at step 703, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00115] If, on the other hand, authorization of the request is granted at step 702, then at step 704, the ESB proxy service 102 communicates a message (e.g. , a get ICE cube status message) to the ESB task service 103.
[00116] At step 705, the ESB task service 103 communicates the message (e.g. , the get ICE cube status message) to the wallet server 104 to request ICE cube status information relating to a particular mobile wallet.
[00117] At step 706, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 707). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 708). An example set of data elements that may be included in the response is described below in Table 26.
Table 26
e. Request to Update a Mobile Wallet State
[00118] FIG. 8 shows an example procedure 800 for processing a request to update a mobile wallet state, in accordance with an example embodiment herein. In one example embodiment, procedure 800 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to request to suspend, reactivate, or terminate a mobile wallet.
[00119] At step 801, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , an update wallet state message), including, for example, the set of data elements described below in Table 27.
Table 27
Element Description Required Multiplicity Data Type
WalletStateUpdatelnitiator Initiator of the Required 1 Restricted wallet state String update.
WalletStateUpdateReason Reason for Required 1 String(256) wallet state
update.
MobileDeviceNumber Mobile Device Required 1 Restricted
Number. String(lO)
WalletlnstancelD Unique number Optional 1 Positive used to identify Integer (17 a specific digits) wallet instance.
WalletState State to which Required 1 Restricted the wallet String(32) needs to be
changed.
[00120] At step 802, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[00121] If authorization of the request is denied at step 802, then at step 803, the ESB proxy service 102 communicates a message (e.g. , a success/failure message) to the portal 106 to indicate that authorization of the request is denied.
[00122] If, on the other hand, authorization of the request is granted at step 802, then at step 804, the ESB proxy service 102 communicates a message (e.g. , an update wallet state message) to the ESB task service 103.
[00123] At step 805, the ESB task service 103 communicates the message (e.g. , the update wallet state message) to the wallet server 104 to request that a wallet state relating to a particular mobile wallet be updated.
[00124] At step 806, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 807). An example data element that may be included in the response is described below in Table 28.
Table 28
f. Request to Reset a Password [00125] FIG. 9 shows an example procedure 900 for processing a request to reset a password associated with a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 900 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to reset a password relating to a mobile wallet (e.g. , a web account password).
[00126] At step 901, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a reset password message), including, for example, the data element described below in
Table 29.
Table 29
[00127] At step 902, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[00128] If authorization of the request is denied at step 902, then at step 903, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00129] If, on the other hand, authorization of the request is granted at step 902, then at step 904, the ESB proxy service 102 communicates a message (e.g. , a reset password message) to the ESB task service 103.
[00130] At step 905, the ESB task service 103 communicates the message (e.g. , the reset password message) to the wallet server 104 to request that a password associated with a particular mobile wallet be reset.
[00131] At step 906, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 907). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 908). An example data element that may be included in the response is described below in Table 30.
Table 30
g. Request to Reset a Security Question and Answer [00132] FIG. 10 shows an example procedure 1000 for processing a request to reset a security question and answer relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 1000 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to reset a security question and answer relating to a mobile wallet.
[00133] At step 1001, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a reset security Q&A message), including, for example, the data element described below in
Table 31.
Table 31
[00134] At step 1002, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 3.
[00135] If authorization of the request is denied at step 1002, then at step 1003, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00136] If, on the other hand, authorization of the request is granted at step 1002, then at step 1004, the ESB proxy service 102 communicates a message (e.g. , a reset security Q&A message) to the ESB task service 103.
[00137] At step 1005, the ESB task service 103 communicates the message (e.g. , the reset security Q&A message) to the wallet server 104 to request that a security question and answer relating to a particular mobile wallet be reset.
[00138] At step 1006, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1007). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1008). An example data element that may be included in the response is described below in Table 32.
Table 32
C. Issuers [00139] Having described various example embodiments for processing a mobile wallet-related request received from a MNO with respect to FIGS. 3 through 10, reference will now be made to FIGS. 11 through 17 to describe various aspects of messages, data elements, and/or data flows that may be employed in connection with requests that originate from a portal 106 associated with an issuer, in accordance with various example embodiments herein.
1. Message Structure
[00140] In one example, a request that originates from a portal 106 associated with an issuer includes at least three components: a message header, an HTTP header, and a message body. An example set of data elements that may be included in the message header are described below in
Table 33.
Table 33
[00141] An example data element that may be included in the HTTP header is described below in Table 34. Table 34
2. Authorization Procedure
[00142] FIG. 1 1 shows an example procedure 1 100 for authorizing a mobile device-related request that originates from a portal 106 associated with an issuer, in accordance with an example embodiment herein. In one example embodiment, the procedure 1 100 further represents the procedure described above in connection with step 206 of FIG. 2.
[00143] Although not shown in FIG. 1 1 for purposes of convenience, prior to step 1 101, the ESB proxy service 102 extracts a value of a service provider ID (also referred to as a "partner system identifier", described above in Table 34) from the HTTP header, and extracts a value of a consumer MDN (also referred to as a "mobile device identifier") from the message body.
[00144] At step 1 101, the ESB proxy service 102 receives a request message (e.g. , an invocation message) from the portal 106.
[00145] At step 1 102, the ESB proxy service 102 transmits an authorization request message to the ESB task service 103. This causes the ESB task service 103 to communicate, at step 1 103, a getlnfo message, including the extracted consumer MDN, to the wallet server 104 to retrieve a partner system account list associated with the mobile device identifier.
[00146] At step 1 104, the wallet server 104 communicates a response to the ESB task service 103 including the partner system account list associated with the mobile device identifier.
[00147] The ESB task service 103 then determines whether the partner system account list associated with the mobile device identifier includes the partner system identifier that was extracted from the message header. If the partner system account list associated with the mobile device identifier includes the partner system identifier that was extracted from the message header, then the ESB task service 103 grants authorization of the request. If, on the other hand, the partner system account list associated with the mobile device identifier does not include the partner system identifier that was extracted from the message header, then the ESB task service 103 denies authorization of the request. In this way, each issuer entity is limited to accessing only data and/or operations relating to or permitted for that particular issuer entity, and is prevented from accessing data and/or operations relating to other issuer entities.
[00148] At step 1 105, the ESB task service 103 communicates a response (e.g. , an "is authorized" response or an "is not authorized" response) to the ESB proxy service 102, indicating whether authorization of the request has been granted or denied. [00149] At step 1 106, if authorization of the request is granted, then the ESB proxy service 102 communicates, based on the invocation message received at step 1 101, to the wallet server 104 a request for information and/or performance of an operation relating to a mobile device.
[00150] At step 1 107, the wallet server 104 communicates a response to the ESB proxy service 102, which, in turn, communicates the response to the portal 106 at step 1 108.
3. Requests
[00151] Having described an example procedure 1100 for authorizing a request relating to a mobile device, reference will now be made to FIGS. 12 through 17 to describe example types of requests, message flows/service invocations, messages, and message parameter, in accordance with various example embodiments herein relating to issuers,
a. Request for Consumer Profile Information
[00152] FIG. 12 shows an example procedure 1200 for processing a request for consumer profile information relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 1200 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve information, such as a user ID and/or user name, from the wallet server 104.
[00153] At step 1201, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get consumer profile message), including, for example, the set of data elements described below in Table 35.
Table 35
[00154] At step 1202, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 1 1.
[00155] If authorization of the request is denied at step 1202, then at step 1203, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00156] If, on the other hand, authorization of the request is granted at step 1202, then at step 1204, the ESB proxy service 102 communicates a message (e.g. , a get consumer profile message) to the ESB task service 103.
[00157] At step 1205, the ESB task service 103 communicates the message to the wallet server 104 to request consumer profile information relating to a particular mobile wallet. [00158] At step 1206, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1207). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1208). An example set of data elements that may be included in the response is described below in Table 36.
Table 36
[00159] An example set of data elements that may be included in the UserNamelnfo element shown in Table 36 is described below in Table 37.
Table 37
Element Description Required Multiplicity Data Type
Salutation This specifies the Optional 1 Restricted salutation of
username. Valid
values are: Mr.,
Ms., Mrs.
Firstname First name of user Optional 1 String(32) name.
MiddleName Middle name of Optional 1 String(16) user name.
Lastname Last name of user Optional 1 String(32) name.
Suffix Suffix of the user. Optional 1 String(2)
[00160] An example set of data elements that may be included in the Response element shown in Table 36 is described below in Table 38.
Table 38
Element Description Required Multiplicity Data Type
ResponseCode This sub-element Required 1 Restricted specifies the
SUCCESS (0) or
FAILURE (1) of
the operation.
ServiceDetails Specifies the Required 1 Container service
information like
service name,
operation name
and version
number.
Instanceld Specifies ESB Required 1 String(256)
Process Instance
ID.
TransactionID Specifies ESB Required 1 String(256) generated Unique
Identifier for a
specific
transaction.
Time stamp Specifies time of Required 1 DateTime the Response. Error The Error element Optional O to 10 Container is of type
ErrorType which
contains the
structure of
Error/Exception
occurs during the
execution of
operation.
[00161] An example set of data elements that may be included in the ServiceDetails element shown in Table 38 is described below in Table 39.
Table 39
Element Description Required Multiplicity Data Type
ServiceName Specifies the Required 1 String(32) name of the
Service.
OperationName Specifies the Required 1 String(32) name of the
operation within a
service.
Version Specifies the Required 1 String(32) version of the
service.
[00162] An example set of data elements that may be included in the Error element shown in Table 38 is described below in Table 40.
Table 40
Element Description Required MultiData Type plicity
ErrorCode This specifies error code Required 1 Integer associated for each exception.
ErrorType This specifies the type of Required 1 Restricted error/exception. Valid values
are APPLICATION EXC
EPTION - any validations or
business rules violations.
BUSINESS EXCEPTION - Actual exception generated
from the outbound end system.
SYSTEM EXCEPTION - Any
internal system failure
exception within the ESB layer.
ErrorSeverity Error Severity. Valid values Required 1 Restricted include: 1 - Fatal, 2 - Critical.
ErrorMessage Human Readable error Required 1 String (256) message.
ErrorDescription Description of error. Optional 1 String
ErrorTrace Specifies detailed error stack Optional 1 String trace. b. Request for Mobile Wallet Information
[00163] FIG. 13 shows an example procedure 1300 for processing a request for mobile wallet information, in accordance with an example embodiment herein. In one example embodiment, procedure 1300 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 information relating to a mobile wallet, such as a handset profile and/or a number of payment cards associated with the mobile wallet.
[00164] At step 1301, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get wallet info, message), including, for example, the data elements described below in
Table 41.
Table 41
[00165] At step 1302, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 11. [00166] If authorization of the request is denied at step 1302, then at step 1303, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00167] If, on the other hand, authorization of the request is granted at step 1302, then at step 1304, the ESB proxy service 102 communicates a message (e.g. , a get wallet info, message) to the ESB task service 103.
[00168] At step 1305, the ESB task service 103 communicates the message to the wallet server 104 to request consumer profile information relating to a particular mobile wallet.
[00169] At step 1306, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1307). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1308). An example set of data elements that may be included in the response is described below in Table 42.
Table 42
[00170] An example set of data elements that may be included in the Walletlnfo element shown in Table 42 is described below in Table 43.
Table 43
Element Description Required Multiplicity Data Type
HandSet This sub-element specifies Optional 1 Container the structure for HandSet.
WalletCreationD The Wallet Creation Date. Optional 1 DateTime ate
WalletState Indicates the current wallet Optional 1 Restricted state. Valid values include:
WALLET ACTIVE - Wallet
is Active; WALLET ACTIVATION P ENDING - Wallet Activation is Pending;
WALLET SUSPENDED - Wallet is Suspended;
WALLET SUSPENSION P ENDING - Wallet
Suspension is Pending;
WALLET RESETPASSCO DE PENDING - Wallet ResetPasscode is Pending;
WALLET TERMINATED - Wallet is Terminated;
WALLET TERMINATION
PENDING - Wallet Termination is Pending;
WALLET LOCKED - Wallet is locked;
WALLET RESUME PEND ING Wallet ReActivation is Pending;
WALLET MDN VALIDAT ION PENDING Wallet MDN validation is Pending;
CHANGE DETECTED
Change Detected;
APP DATA ERASED
Wallet is terminated and the application data has been
successfully removed from
the consumer device.
WalletStateReas Describes the reason that the Optional 1 String onCode wallet is in its current state.
Potential reason codes
include the following: MNO
Initiated, Consumer Initiated,
Mobile Wallet Provider
Initiated, Lost/Stolen,
Expiration Date Reached.
Walletlnstancel Unique number used to Optional 1 Wallet D identify a specific wallet Instance ID instance. Type
WailetCiientVers Represents Wallet Client App Optional 1 String 10 ion Version. Type (string with 10 characters)
[00171] An example set of data elements that may be included in the HandSet element shown in Table 43 is described below in Table 44.
Table 44
[00172] An example set of data elements that may be included in the HandSetID element shown in Table 44 is described below in Table 45. Table 45
Element Description Required Multiplicity Data Type
IMEI The Required 0...1 String (15)
International while other
Mobile options not
Equipment given
Identity or IMEI
is a number,
usually unique,
to identify
global system
for mobile
communications
(GSM),
wideband code
division
multiple access
(WCDMA), and
integrated
digital enhanced
network (iDEN)
mobile phones,
as well as some
satellite phones.
It is usually
found printed
inside the
battery
compartment of
the phone.
MEID Mobile Required 0...1 String (14)
Equipment while other
Identifier options not
(MEID) is a given
globally unique
number
identifying a
physical piece of code division
multiple access
(CDMA)
mobile station
equipment.
MACAddress A unique Required 0...1 String (12) identifier while other
assigned to options not
network given
interfaces for
communications
on the physical
network
segment.
[00173] An example set of data elements that may be included in the HandsetProfile element shown in Table 44 is described below in Table 46.
Table 46
Element Description Required Multiplicity Data Type
ModelNumber Model number Required 1 String (64) associated with
the handset.
HandsetManufacturer This sub- Required 1 Container element
contains
manufacturer
details of the
handset.
ModelName Name of the Required 1 String (64) handset model.
OSPlatform Name of the Optional 1 String operation
system
platform.
OSVersion Version of the Optional 1 String (32) operation
system
platform. DeviceSoftwareClass Device Optional 1 String (32) software class
of the handset.
MobileDeviceNumber Mobile Required 1 String(lO)
Number of the
handset.
MobileNetworkOperator Mobile Required 1 Container
Network
Operator - Refers to the
participating
wireless
service
providers.
[00174] An example set of data elements that may be included in the HandsetManufacturer element shown in Table 46 is described below in Table 47.
Table 47
[00175] An example set of data elements that may be included in the MobileNetworkOperator (MNO) element shown in Table 46 is described below in Table 48.
Table 48
Element Description Required MultiData Type plicity
MobileNetworkOperatorlD Unique Required 1 Restricted Identifier for
the Mobile
Network
Operator; valid
values: MNOl,
MN02, MN03.
MobileNetworkOperator Name Textual name Required 1 String (16) associated with
the MNO.
MobileNetworkOperator Textual Optional 1 String (256) Description description of
the MNO.
MobileNetworkOperator Operator Optional 1 String (16) ContactNumber Contact Phone
Number. c. Request for Service Account Information
[00176] FIG. 14 shows an example procedure 1400 for processing a request for service account information relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 1400 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 service account information, such as a record of history for a service account relating to a mobile wallet.
[00177] At step 1401, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get service account info, message), including, for example, the data elements described below in Table 49.
Table 49
[00178] At step 1402, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 11. [00179] If authorization of the request is denied at step 1402, then at step 1403, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00180] If, on the other hand, authorization of the request is granted at step 1402, then at step 1404, the ESB proxy service 102 communicates a message (e.g. , a get service account info, message) to the ESB task service 103.
[00181] At step 1405, the ESB task service 103 communicates the message (e.g. , the get service account info, message) to the wallet server 104 to request service account information relating to a particular mobile wallet.
[00182] At step 1406, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1407). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1408). An example set of data elements that may be included in the response is described below in Table 50.
Table 50
[00183] An example set of data elements that may be included in the ServiceAccount element shown in Table 50 is described below in Table 51.
Table 51
Element Description Required Multiplicity Data Type
Service A unique number provided Required 1 Restricted
AccountRef Nbr by the service provider to
uniquely identify a service
account.
ServiceProduct Type of the Service Product. Required 1 Restricted Type Service Product Types:
CREDIT,
LINKED CHECKING OR DEBIT, PRE PAID, CASH.
ProductBrand Unique identifier for the Required 1 Restricted
ProfilelD service product associated
with the service account.
Payment Network The network for payment Required 1 Restricted processing. Valid values:
NETWORKl, NETWORK2,
NETWORK3.
ServiceAccount Indicates the current state of Optional 1 Restricted
State the service account. Possible
status values are:
REGISTERED - indicates
the service account has been
sent to the handset but the
wallet instance associated
with the MDN has not yet
been activated;
WAITING FOR ACTIVAT
ION - service account has
been provisioned to the
handset but the user has not
activated the account;
ACTIVE - service account is
active on the handset and
usable by the user;
SUSPENDED - use of the
service account has been
frozen by the issuer/service
provider. Service account in
SUSPENDED state cannot
be used for purchases but
can be used for payments
applied to the account. A
service account in frozen state can be changed back to
Active state;
CLOSED TO NEW PURC HASES - service account has
been closed by either the
owner or the issuer/service
provider. An account in this
state cannot be used for
purchases but is still
available for payments to be
applied to the account;
CLOSED - service account
has been closed by either the
owner or the issuer/service
provider. Service account in
Closed state cannot be used
and cannot be changed back
to Active state. d. Request for Wallet Event History
[00184] FIG. 15 shows an example procedure 1500 for processing a request for wallet event history relating to a mobile wallet, in accordance with an example embodiment herein. There can be various events recorded in connection with a mobile wallet, such as, for example the provision of the wallet, the termination of the wallet, and/or the like. In one example embodiment, procedure 1500 enables a partner system, such as for example, elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 wallet event history information, such as an event date or an event source.
[00185] At step 1501, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get wallet event history message), including, for example, the data elements described below in Table 52.
Table 52
Element Description Required MultiData Type plicity
GetWalletEvent A root element for the Required 1 Container HistoryRequest request message which is
used by GetWalletEventHistory
operation.
MobileDevice Unique consumer identifier. Required 1 String Number
StartFrom Index to specify from where Required 1 Integer to get history event.
Size Size of history event to be Required 1 Integer returned.
[00186] At step 1502, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 1 1.
[00187] If authorization of the request is denied at step 1502, then at step 1503, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00188] If, on the other hand, authorization of the request is granted at step 1502, then at step 1504, the ESB proxy service 102 communicates a message (e.g. , a get wallet event history message) to the ESB task service 103.
[00189] At step 1505, the ESB task service 103 communicates the message (e.g. , the get wallet event history message) to the wallet server 104 to request wallet event history information relating to a particular mobile wallet.
[00190] At step 1506, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1507). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1508). An example set of data elements that may be included in the response is described below in Table 53.
Table 53
Element Description Required Multiplicity Data Type
Response This sub-element Required 1 Generic specifies the Response structure for Type generic ESB
response.
TotalCount The total count Optional 1 Integer of wallet event
history records.
Startlndex Where to start Optional 1 Integer the records.
Endlndex Where to end the Optional 1 Integer records. WalletEventHistory List of wallet Optional 0 to 100 Wallet Event event history. History Type
[00191] An example set of data elements that may be included in the WalletEventHistory element shown in Table 53 is described below in Table 54.
Table 54
e. Request for Service Account History
[00192] FIG. 16 shows an example procedure 1600 for processing a request for service account history relating to a mobile wallet, in accordance with an example embodiment herein. In one example embodiment, procedure 1600 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 service account history information associated with a mobile wallet.
[00193] At step 1601, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get service account history message), including, for example, the data elements described below in Table 55.
Table 55
Element Description Required MultiData Type plicity
GetServiceAccount A root element for the Required 1 Container HistoryRequest request message which
is used by
GetServiceAccount
History operation.
MobileDeviceNumber Unique consumer Required 1 String identifier.
StartFrom Index to specify Required 1 Integer from where to get
history
event.
Size Size of history event to Required 1 Integer be
returned.
[00194] At step 1602, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 1 1.
[00195] If authorization of the request is denied at step 1602, then at step 1603, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00196] If, on the other hand, authorization of the request is granted at step 1602, then at step 1604, the ESB proxy service 102 communicates a message (e.g. , a get service account history message) to the ESB task service 103.
[00197] At step 1605, the ESB task service 103 communicates the message (e.g. , the get service account history message) to the wallet server 104 to request wallet event history information relating to a particular mobile wallet.
[00198] At step 1606, the wallet server 104 communicates a response to the ESB task service 103, which in turn communicates the response to the ESB proxy service 102 (step 1607). The ESB proxy service 102 in turn communicates the response to the portal 106 (step 1608). An example set of data elements that may be included in the response is described below in Table 56.
Table 56
Element Description Required MultiData Type plicity
Response This sub-element Required 1 Generic specifies the structure for Response generic ESB response. Type
TotalCount The total count of Optional 1 Integer
ServiceAccountEvent
History records.
Startlndex Where to start the Optional 1 Integer records.
Endlndex Where to end the records. Optional 1 Integer
ServiceAccountEvent List of service account Optional 0 to 100 Service
History event history. Account Event
History
Type
[00199] An example set of data elements that may be included in the ServiceAccountEvent element shown in Table 56 is described below in Table 57.
Table 57
f. Request for Service Account Event Status [00200] FIG. 17 shows an example procedure 1700 for processing a request for service account event status relating to a mobile wallet, in accordance with an example embodiment herein. During the lifecycle of a service account, there are various events for a service account, for instance, the provision of the service account. In one example embodiment, procedure 1700 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to retrieve from the wallet server 104 service account event status information relating to a mobile wallet service account.
[00201] At step 1701, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , a get service account event status message), including, for example, the data elements described below in Table 58.
Table 58
[00202] At step 1702, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 1 1.
[00203] If authorization of the request is denied at step 1702, then at step 1703, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00204] If, on the other hand, authorization of the request is granted at step 1702, then at step 1704, the ESB proxy service 102 communicates a message (e.g. , a get service account event status message) to the ESB task service 103.
[00205] At step 1705, the ESB task service 103 communicates the message (e.g. , the get service account event status message) to the wallet server 104 to request wallet event history information relating to a particular mobile wallet.
[00206] At step 1706, the wallet server communicates a response to the ESB task service 103, which communicates the response to the ESB proxy service 102 (step 1707), which communicates the response to the portal 106 (step 1708). An example set of data elements that may be included in the response is described below in Table 59.
Table 59
Element Description Required Multiplicity Data Type Response This sub- Required 1 Container element
specifies the
structure for
generic ESB
response.
ServiceAccountEvent Service Account Optional 0 to 25 Container
Status event status.
[00207] An example set of data elements that may be included in the ServiceAccountEventStatus element shown in Table 59 is described below in Table 60.
Table 60
g. Request for Update to Service Account State [00208] FIG. 18 shows an example procedure for processing a request to update a service account state, in accordance with an example embodiment herein. In one example embodiment, procedure 1800 enables a partner system, such as elements 106 and/or 108 of FIG. 1 (which may be operated by an agent), to request that a service account state associated with a mobile wallet be updated. At step 1801, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , an update service account message), including, for example, the data elements described below in Table 61.
Table 61
[00209] At step 1801, the portal 106 transmits to the ESB proxy service 102 a request message (e.g. , an update service account state message), including, for example, the data elements described below in Table 62.
Table 62
Element Description Required MultiData Type plicity
UpdateServiceAccount A root element for the Required 1 Container StateRequest request message which is
used by
UpdateServiceAccount
State operation.
MobileDeviceNumber Unique consumer Required 1 String identifier.
ServiceAccountRefNbr Service Account Required 1 String
Reference Number.
ServiceAccountState Service Account State. Required 1 String [00210] At step 1802, the ESB proxy service 102 executes an authorization procedure for the request, in the manner described above in connection with FIG. 1 1.
[00211] If authorization of the request is denied at step 1802, then at step 1803, the ESB proxy service 102 communicates a message (e.g. , a not authorized response message) to the portal 106 to indicate that authorization of the request is denied.
[00212] If, on the other hand, authorization of the request is granted at step 1802, then at step 1804, the ESB proxy service 102 communicates a message (e.g. , an update service account state message) to the ESB task service 103.
[00213] At step 1805, the ESB proxy service 102 communicates an acknowledge message to the portal 106 to confirm that the service account state is being updated.
[00214] At step 1806, the ESB task service 103 communicates a response to the ESB proxy service 102, which confirms that the service account state has been updated.
[00215] As can be appreciated in view of the above, the systems, methods, and computer program products presented herein for processing a request relating to a mobile communication device enable the safeguarding of information relating to mobile communication devices and the restriction of access to operations relating to mobile communication devices, while also providing consumer care systems and/or agents with a level of access to such information and/or operations that is sufficient for consumer care purposes.
[00216] Example aspects described herein also facilitate the processing of mobile wallet information and/or operation requests that are received from different entities (e.g. , a mobile wallet provider, external partners, such as payment product issuers and/or mobile network operators (MNOs), and/or the like) and/or personnel that may provide consumer care in connection with mobile wallets. Different levels of access are provided for specific levels of personnel (e.g. , consumer care agents) within a particular entity, in accordance with various example aspects herein.
IV. Example Computer-readable Medium Implementations
[00217] The example embodiments described above, such as the systems and procedures depicted in or discussed in connection with FIGS. 1 through 18 or any part or function thereof, may be implemented by using hardware, software or a combination of the two. The
implementation may be in one or more computers or other processing systems. While manipulations performed by these example embodiments may have been referred to in terms commonly associated with mental operations performed by a human operator, no human operator is needed to perform any of the operations described herein. In other words, the operations may be completely implemented as machine operations. Useful machines for performing the operation of the example embodiments presented herein include general-purpose digital computers or similar devices.
[00218] FIG. 19 is a block diagram of a general and/or special purpose computer 1900 that may be employed in accordance with various example embodiments herein. The computer 1900 may be, for example, a user device, a user computer, a client computer, and/or a server computer, among other things.
[00219] The computer 1900 may include without limitation a processor device 1910, a main memory 1925, and an interconnect bus 1905. The processor device 1910 may include without limitation a single microprocessor, or may include a plurality of microprocessors for configuring the computer 1900 as a multi-processor system. The main memory 1925 stores, among other things, instructions and/or data for execution by the processor device 1910. The main memory 1925 may include banks of dynamic random access memory (DRAM), as well as cache memory.
[00220] The computer 1900 may further include a mass storage device 1930, peripheral device(s) 1940, portable storage medium device(s) 1950, input control device(s) 1980, a graphics subsystem 1960, and/or an output display 1970. For explanatory purposes, all components in the computer 1900 are shown in FIG. 19 as being coupled via the bus 1905. However, the computer 1900 is not so limited. Devices of the computer 1900 may be coupled via one or more data transport means. For example, the processor device 1910 and/or the main memory 1925 may be coupled via a local microprocessor bus. The mass storage device 1930, peripheral device(s) 1940, portable storage medium device(s) 1950, and/or graphics subsystem 1960 may be coupled via one or more input/output (I/O) buses. The mass storage device 1930 may be a nonvolatile storage device for storing data and/or instructions for use by the processor device 1910. The mass storage device 1930 may be implemented, for example, with a magnetic disk drive or an optical disk drive. In a software embodiment, the mass storage device 1930 is configured for loading contents of the mass storage device 1930 into the main memory 1925.
[00221] The portable storage medium device 1950 operates in conjunction with a nonvolatile portable storage medium, such as, for example, a compact disc read only memory (CD-ROM), to input and output data and code to and from the computer 1900. In some embodiments, the software for storing an internal identifier in metadata may be stored on a portable storage medium, and may be inputted into the computer 1900 via the portable storage medium device 1950. The peripheral device(s) 1940 may include any type of computer support device, such as, for example, an input/output (I/O) interface configured to add additional functionality to the computer 1900. For example, the peripheral device(s) 1940 may include a network interface card for interfacing the computer 1900 with a network 1920.
[00222] The input control device(s) 1980 provide a portion of the user interface for a user of the computer 1900. The input control device(s) 1980 may include a keypad and/or a cursor control device. The keypad may be configured for inputting alphanumeric characters and/or other key information. The cursor control device may include, for example, a mouse, a trackball, a stylus, and/or cursor direction keys. In order to display textual and graphical information, the computer 1900 may include the graphics subsystem 1960 and the output display 1970. The output display 1970 may include a cathode ray tube (CRT) display and/or a liquid crystal display (LCD). The graphics subsystem 1960 receives textual and graphical information, and processes the information for output to the output display 1970. [00223] Each component of the computer 1900 may represent a broad category of a computer component of a general and/or special purpose computer. Components of the computer 1900 are not limited to the specific implementations provided here.
[00224] Portions of the example embodiments of the invention may be conveniently implemented by using a conventional general-purpose computer, a specialized digital computer and/or a microprocessor programmed according to the teachings of the present disclosure, as is apparent to those skilled in the computer art. Appropriate software coding may readily be prepared by skilled programmers based on the teachings of the present disclosure.
[00225] Some embodiments may also be implemented by the preparation of application-specific integrated circuits, field programmable gate arrays, or by interconnecting an appropriate network of conventional component circuits.
[00226] Some embodiments include a computer program product. The computer program product may be a storage medium or media having instructions stored thereon or therein which can be used to control, or cause, a computer to perform any of the procedures of the example embodiments of the invention. The storage medium may include without limitation a floppy disk, a mini disk, an optical disc, a Blu- ay Disc, a DVD, a CD-ROM, a micro-drive, a magneto- optical disk, a ROM, a RAM, an EPROM, an EEPROM, a DRAM, a VRAM, a flash memory, a flash card, a magnetic card, an optical card, nanosystems, a molecular memory integrated circuit, a RAID, remote data storage/archive/ warehousing, and/or any other type of device suitable for storing instructions and/or data.
[00227] Stored on any one of the computer-readable medium or media, some implementations include software for controlling both the hardware of the general and/or special computer or microprocessor, and for enabling the computer or microprocessor to interact with a human user or other mechanism utilizing the results of the example embodiments of the invention. Such software may include without limitation device drivers, operating systems, and user applications.
Ultimately, such computer-readable media further includes software for performing example aspects of the invention, as described above.
[00228] Included in the programming and/or software of the general and/or special purpose computer or microprocessor are software modules for implementing the procedures described above.
[00229] As can be appreciated in view of the foregoing description, the example aspects herein provide a system, method, and computer-readable medium for managing access control that enable access rules to be updated and enforced in an efficient manner that improves both the user's experience and the utilization of computing resources (e.g. , the utilization of processor power, processor time, memory, communication channels, and the like).
[00230] Unlike existing approaches to managing access control, which employ an inefficient polling scheme whereby, for example, a refresh tag associated with access rules is periodically polled, irrespective of whether any updates have been made to the access rules, in accordance with the example aspects described herein, updates to access rules are retrieved only upon the rules having been updated.
[00231] Also, the example aspects described herein, unlike existing approaches, avoid the need to poll the refresh tag upon receiving a request for information and/or an action protected by the access rules. The user's experience is thus improved since the granting of the request need not be delayed until after both the polling of the refresh tag and the updating of the local access rules have been completed.
[00232] While various example embodiments of the invention have been described above, it should be understood that they have been presented by way of example, and not limitation. It is apparent to persons skilled in the relevant art(s) that various changes in form and detail can be made therein. Thus, the invention should not be limited by any of the above described example embodiments, but should be defined only in accordance with the following claims and their equivalents.
[00233] In addition, it should be understood that the figures are presented for example purposes only. The architecture of the example embodiments presented herein is sufficiently flexible and configurable, such that it may be utilized and navigated in ways other than that shown in the accompanying figures.
[00234] Further, the purpose of the Abstract is to enable the U.S. Patent and Trademark Office and the public generally, and especially the scientists, engineers and practitioners in the art who are not familiar with patent or legal terms or phraseology, to determine quickly from a cursory inspection the nature and essence of the technical disclosure of the application. The Abstract is not intended to be limiting as to the scope of the example embodiments presented herein in any way. It is also to be understood that the procedures recited in the claims need not be performed in the order presented.