US 12,488,082 B1
Online authentication and security management using device-based identification
Peter Manwiller, Chicago, IL (US)
Assigned to WALGREEN CO., Deerfield, IL (US)
Filed by Peter Manwiller, Chicago, IL (US)
Filed on Mar. 30, 2023, as Appl. No. 18/193,256.
Application 18/193,256 is a division of application No. 17/035,960, filed on Sep. 29, 2020, granted, now 11,645,377.
Application 17/035,960 is a division of application No. 15/679,776, filed on Aug. 17, 2017, granted, now 10,860,703, issued on Dec. 8, 2020.
Int. Cl. G06F 21/34 (2013.01); G06F 21/31 (2013.01); H04L 9/40 (2022.01)
CPC G06F 21/34 (2013.01) [G06F 21/316 (2013.01); H04L 63/0876 (2013.01); H04L 63/10 (2013.01); H04L 63/126 (2013.01); H04L 63/1408 (2013.01); H04L 63/1441 (2013.01)] 12 Claims
OG exemplary drawing
 
1. A system for providing access to secure content, comprising:
a network server having a memory storing a set of instructions and one or more processors interfaced with the memory and configured to receive user authenticating information that is provided via a computing device attempting to access secure content that is hosted by the network server; and
a cookie-stitching server configured to:
access a storage device containing sets of user data that are correlated to respective sets of computing devices, wherein each set of user data is stored with an associated agency identification that uniquely identifies a user,
receive from the network server user and device identifying data,
in response to identifying, based at least in part on the user and device identifying data, an agency identification, send a set of user data associated with the agency identification to the network server, and
in response to not identifying an agency identification, send a notification to the network server,
wherein the network server is further configured to:
in response to receiving the set of user data from the cookie-stitching server, grant the computing device access to secure content that is provided by the network server upon verification that (i) user authenticating information received via the computing device is correct, and (ii) a website identifier generated by the network server from the user authenticating information, wherein the website identifier enables one or more back-end computing devices to provide access to the secure content during a browsing session, matches a website identifier associated with the set of user data received from the cookie-stitching server, and
in response to receiving the notification from the cookie-stitching server, trigger execution of a two-factor authentication (2FA), and grant the computing device access to the secure content upon satisfaction of one or more conditions associated with the 2FA.