US Patent 11930014 Information security using multi-factor authorization

A system includes a central server and one or more user devices connected by a network. The central server receives a request initiated by a user using a user device for a data interaction associated with a data file. The central server checks whether the user is authorized to perform the requested data interaction based on a list of user authorizations. If the user is authorized to perform the data interaction, the central server checks whether the data interaction satisfies at least one rule defined for the user relating to a type of the requested data interaction. If the data interaction satisfies the at least one rule, the central server performs an additional level of authorization to verify an identity of the user. The central server further processes the data interaction when the additional level of authorization is successful.