Single sign-on through customer authentication systems

Grant US12579573B2 Kind: B2 Mar 17, 2026

Assignee

Capital One Services, LLC

Inventors

Dinesh Sundaram, Jacob Creech

Abstract

Described herein is a system, method, and non-transitory computer readable medium related to a service provider using a third party identity provider to authenticate a user with improved security. An authentication token is received from the identity provider, and can be verified against internal configuration information. The internal configuration information includes data that is not included in the authentication token, and therefore, is not vulnerable to some security attacks, such as a man-in-the-middle attack. After the authentication token is verified, the internal configuration information and authentication token may be used to create a custom identifier, referred to as an identity ID. The identity ID may be used by the service provider to verify user access to resources.

CPC Classifications

G06F 16/258 G06F 16/9558 G06F 16/9562 G06F 21/53 G06F 21/602 G06F 21/604 G06F 21/606 G06F 21/6209 G06F 21/6227 G06F 21/6245 G06F 2221/2107 G06F 40/103 G06F 40/174 G06F 40/18 G06F 8/65 G06F 8/71 G06F 9/44505 G06F 9/54 G06F 9/547 H04L 63/0428 H04L 63/0435 H04L 63/0442 H04L 63/0471 H04L 63/0478 H04L 63/08 H04L 63/0815 H04L 63/102 H04L 63/123 H04L 63/166 H04L 63/168 H04L 67/01 H04L 9/0822 H04L 9/0825 H04L 9/0894

Filing Date

2023-05-01

Application No.

18141629

Claims

View original document →