Mobile device data security system

US 10,002,248 B2
Filed: 01/04/2016
Issued: 06/19/2018
Est. Priority Date: 01/04/2016
Status: Active Grant

First Claim

Patent Images

1. A mobile device data security system, the system comprising:

at least one non-transitory storage device;

at least one processor; and

at least one module stored in said storage device and comprising instruction code that is executable by the at least one processor and configured to cause said at least one processor to;

provide a data security application for installation on a mobile device of a user;

establish a communication link with the mobile device, wherein establishing further comprises creating a wireless data channel with the mobile device;

receive, via the established communication link, information associated with one or more third-party applications stored on the mobile device;

initiate a scan, via the established communication link, to determine whether the one or more third-party applications and one or more components associated with the mobile device are associated with a malicious code;

transmit control signals, via the established communication link, configured to cause the data security application to begin running in the background of the mobile device in response to determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code;

initiate, via the data security application, one or more actions to be executed on the mobile device of the user based on at least determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code, wherein initiating further comprises retrieving one or more user preferences associated with the one or more actions to be executed on the mobile device of the user, wherein the one or more actions limit one or more functionalities of the mobile device, wherein limiting further comprises disabling user access to one or more specific features associated with the one or more third-party applications, wherein the one or more user preferences comprises identifying the one or more specific features in each of the one or more third-party applications to be disabled;

determine a sensitivity score associated with the one or more third-party applications indicating which of the one or more third-party applications requires protection from unauthorized access to safeguard privacy and/or security of the user;

determine one or more specific features associated with the one or more third-party applications to disable based on at least the sensitivity score associated with the one or more third-party applications;

execute, via the data security application, the one or more actions on the mobile device of the user;

receive, via the data security application, a user input requesting access to at least one of the one or more specific features disabled due to the malicious code;

determine a level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code;

receive, via the data security application, one or more authentication credentials associated with the user;

determine that the one or more authentication credentials received from the user meets the level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code; and

restore user access to the at least one of the one or more specific features disabled due to the malicious code based on at least determining that the one or more authentication credentials meets the level of authentication required to access the at least one of the one or more specific features,wherein limiting further comprises disabling all wireless communication transmitted or receive from the mobile device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, computer program products, and methods are described herein for a mobile device data security system. The present invention is configured to establish a communication link with the mobile device; receive, via the established communication link, information associated with one or more third-party applications stored on the mobile device; initiate a scan, via the established communication link, to determine whether the one or more third-party applications are associated with a malicious code; transmit control signals, via the established communication link, configured to cause the data security application to begin running in the background of the mobile device in response to determining that the one or more third-party applications are associated with the malicious code; and initiate, via the data security application, one or more actions to be executed on the mobile device of the user, wherein the one or more actions limit one or more functionalities of the mobile device.

60 Citations

14 Claims

1. A mobile device data security system, the system comprising:
- at least one non-transitory storage device;
  
  at least one processor; and
  
  at least one module stored in said storage device and comprising instruction code that is executable by the at least one processor and configured to cause said at least one processor to;
  
  provide a data security application for installation on a mobile device of a user;
  
  establish a communication link with the mobile device, wherein establishing further comprises creating a wireless data channel with the mobile device;
  
  receive, via the established communication link, information associated with one or more third-party applications stored on the mobile device;
  
  initiate a scan, via the established communication link, to determine whether the one or more third-party applications and one or more components associated with the mobile device are associated with a malicious code;
  
  transmit control signals, via the established communication link, configured to cause the data security application to begin running in the background of the mobile device in response to determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code;
  
  initiate, via the data security application, one or more actions to be executed on the mobile device of the user based on at least determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code, wherein initiating further comprises retrieving one or more user preferences associated with the one or more actions to be executed on the mobile device of the user, wherein the one or more actions limit one or more functionalities of the mobile device, wherein limiting further comprises disabling user access to one or more specific features associated with the one or more third-party applications, wherein the one or more user preferences comprises identifying the one or more specific features in each of the one or more third-party applications to be disabled;
  
  determine a sensitivity score associated with the one or more third-party applications indicating which of the one or more third-party applications requires protection from unauthorized access to safeguard privacy and/or security of the user;
  
  determine one or more specific features associated with the one or more third-party applications to disable based on at least the sensitivity score associated with the one or more third-party applications;
  
  execute, via the data security application, the one or more actions on the mobile device of the user;
  
  receive, via the data security application, a user input requesting access to at least one of the one or more specific features disabled due to the malicious code;
  
  determine a level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code;
  
  receive, via the data security application, one or more authentication credentials associated with the user;
  
  determine that the one or more authentication credentials received from the user meets the level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code; and
  
  restore user access to the at least one of the one or more specific features disabled due to the malicious code based on at least determining that the one or more authentication credentials meets the level of authentication required to access the at least one of the one or more specific features,wherein limiting further comprises disabling all wireless communication transmitted or receive from the mobile device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The system of claim 1, wherein the module is further configured to cause the at least one processor to:
    - determine one or more actions to be taken by the user in response to determining that the one or more third-party applications are associated with the malicious code, wherein the one or more actions mitigates one or more effects of the malicious code; and
      
      transmit, via the established communication link, the one or more actions to the user.
  - 3. The system of claim 2, wherein the module is further configured to cause the at least one processor to:
    - receive an indication that the user has executed the one or more actions;
      
      initiate a scan, via the established communication link, to determine whether the one or more third-party applications continue to be associated with the malicious code;
      
      determine that the one or more third-party applications are not associated with the malicious code; and
      
      restore the one or more functionalities of the mobile device in response to determining that the one or more third-party applications are not associated with the malicious code.
  - 4. The system of claim 1, wherein the module is further configured to cause the at least one processor to determine that the malicious code is associated with tracking the user'"'"'s use of an input device associated with the mobile device.
  - 5. The system of claim 1, wherein the module is further configured to cause the at least one processor to disable user access to the one or more third-party applications in response to determining that the one or more third-party applications are associated with the malicious code.

6. A computerized method for remotely controlling access to a mobile device, the method comprising:
- providing, using a computing device processor, a data security application for installation on a mobile device of a user;
  
  establishing, using a computing device processor, a communication link with the mobile device, wherein establishing further comprises creating a wireless data channel with the mobile device;
  
  receiving, via the established communication link, information associated with one or more third-party applications stored on the mobile device;
  
  initiating a scan, via the established communication link, to determine whether the one or more third-party applications and one or more components associated with the mobile device are associated with a malicious code;
  
  transmitting control signals, via the established communication link, configured to cause the data security application to begin running in the background of the mobile device in response to determining that the one or more third-party applications and one or more components associated with the mobile device are associated with the malicious code; and
  
  initiating, via the data security application, one or more actions to be executed on the mobile device of the user based on at least determining that the one or more third-party applications and one or more components associated with the mobile device are associated with the malicious code, wherein initiating further comprises retrieving one or more user preferences associated with the one or more actions to be executed on the mobile device of the user, wherein the one or more actions limit one or more functionalities of the mobile device, wherein limiting further comprises disabling user access to one or more specific features associated with the one or more third-party applications, wherein the one or more user preferences comprises identifying the one or more specific features in each of the one or more third-party applications to be disabled;
  
  determining, using a computing device processor, a sensitivity score associated with the one or more third-party applications indicating which of the one or more third-party applications requires protection from unauthorized access to safeguard privacy and/or security of the user;
  
  determining, using a computing device processor, one or more specific features associated with the one or more third-party applications to disable based on at least the sensitivity score associated with the one or more third-party applications;
  
  executing, via the data security application, the one or more actions on the mobile device of the user;
  
  receiving, via the data security application, a user input requesting access to at least one of the one or more specific features disabled due to the malicious code;
  
  determining, using a computing device processor, a level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code;
  
  receiving, via the data security application, one or more authentication credentials associated with the user;
  
  determining, using a computing device processor, that the one or more authentication credentials received from the user meets the level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code; and
  
  restoring, via the data security application, user access to the at least one of the one or more specific features disabled due to the malicious code based on at least determining that the one or more authentication credentials meets the level of authentication required to access the at least one of the one or more specific features,wherein limiting further comprises disabling all wireless communication transmitted or receive from the mobile device.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the method further comprises:
    - determining one or more actions to be taken by the user in response to determining that the one or more third-party applications are associated with the malicious code, wherein the one or more actions mitigates one or more effects of the malicious code; and
      
      transmitting, via the established communication link, the one or more actions to the user.
  - 8. The method of claim 7, wherein the method further comprises:
    - receiving an indication that the user has executed the one or more actions;
      
      initiating a scan, via the established communication link, to determine whether the one or more third-party applications continue to be associated with the malicious code;
      
      determining that the one or more third-party applications are not associated with the malicious code; and
      
      restore the one or more functionalities of the mobile device in response to determining that the one or more third-party applications are not associated with the malicious code.
  - 9. The method of claim 6, wherein the method further comprises determining that the malicious code is associated with tracking the user'"'"'s use of an input device associated with the mobile device.
  - 10. The method of claim 6, wherein the module is further configured to cause the at least one processor to disable user access to the one or more third-party applications in response to determining that the one or more third-party applications are associated with the malicious code.

11. A computer program product for mobile device data security system, the computer program product comprising a non-transitory computer-readable medium comprising code causing a first apparatus to:
- provide a data security application for installation on a mobile device of a user;
  
  establish a communication link with the mobile device, wherein establishing further comprises creating a wireless data channel with the mobile device;
  
  receive, via the established communication link, information associated with one or more third-party applications stored on the mobile device;
  
  initiate a scan, via the established communication link, to determine whether the one or more third-party applications and one or more components associated with the mobile device are associated with a malicious code;
  
  transmit control signals, via the established communication link, configured to cause the data security application to begin running in the background of the mobile device in response to determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code;
  
  initiate, via the data security application, one or more actions to be executed on the mobile device of the user based on at least determining that the one or more third-party applications and the one or more components associated with the mobile device are associated with the malicious code, wherein initiating further comprises retrieving one or more user preferences associated with the one or more actions to be executed on the mobile device of the user, wherein the one or more actions limit one or more functionalities of the mobile device, wherein limiting further comprises disabling user access to one or more specific features associated with the one or more third-party applications, wherein the one or more user preferences comprises identifying the one or more specific features in each of the one or more third-party applications to be disabled;
  
  determine a sensitivity score associated with the one or more third-party applications indicating which of the one or more third-party applications requires protection from unauthorized access to safeguard privacy and/or security of the user;
  
  determine one or more specific features associated with the one or more third-party applications to disable based on at least the sensitivity score associated with the one or more third-party applications;
  
  execute, via the data security application, the one or more actions on the mobile device of the user;
  
  receive, via the data security application, a user input requesting access to at least one of the one or more specific features disabled due to the malicious code;
  
  determine a level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code;
  
  receive, via the data security application, one or more authentication credentials associated with the user;
  
  determine that the one or more authentication credentials received from the user meets the level of authentication required to access the at least one of the one or more specific features disabled due to the malicious code; and
  
  restore user access to the at least one of the one or more specific features disabled due to the malicious code based on at least determining that the one or more authentication credentials meets the level of authentication required to access the at least one of the one or more specific features,wherein limiting further comprises disabling all wireless communication transmitted or receive from the mobile device.
- View Dependent Claims (12, 13, 14)
- - 12. The computer program product of claim 11, wherein the first apparatus is further configured to cause the at least one processor to:
    - determine one or more actions to be taken by the user in response to determining that the one or more third-party applications are associated with the malicious code, wherein the one or more actions mitigates one or more effects of the malicious code; and
      
      transmit, via the established communication link, the one or more actions to the user.
  - 13. The computer program product of claim 11, wherein the first apparatus is further configured to cause the at least one processor to:
    - receive an indication that the user has executed the one or more actions;
      
      initiate a scan, via the established communication link, to determine whether the one or more third-party applications continue to be associated with the malicious code;
      
      determine that the one or more third-party applications are not associated with the malicious code; and
      
      restore the one or more functionalities of the mobile device in response to determining that the one or more third-party applications are not associated with the malicious code.
  - 14. The computer program product of claim 12, wherein the first apparatus is further configured to cause the at least one processor to determine that the malicious code is associated with tracking the user'"'"'s use of an input device associated with the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Jones-McFadden, Alicia C.
Primary Examiner(s)
Turchen, James R

Application Number

US14/987,745
Publication Number

US 20170193228A1
Time in Patent Office

897 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/56   Computer malware detection ...

G06F 21/564   by virus signature recognition

Mobile device data security system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

60 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile device data security system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links