Mastercard Incorporated
Methods and systems for identification of breach attempts in a client-server communication using access tokens

Abstract:

Embodiments provide a method of using access tokens for identification of breach attempts in a client-server communication. The method includes receiving, by a server system, a token validation request for validation of a token from an Application Programming Interface (API) server sent from a client device to the API server. The method includes accessing one or more token configuration parameters associated with a valid token. The token configuration parameters include one or more of a number of allowable access attempts using the valid token in the API session and a range of frequency of allowable access attempts using the valid token in the API session. The method includes verifying whether the token conforms to the token configuration parameters associated with the valid token. The method further includes determining a breach attempt associated with the token if the token does not conform to the token configuration parameters.