Systems and methods for detecting and preventing spoofing
Abstract
Techniques for detecting application program spoofing. The techniques include: receiving a communication from an application program executing on a client device different from the at least one computer; identifying from the communication an asserted identity of the application program; and verifying the asserted identity of the application program at least in part by: interacting with the client device to obtain additional information about the application program, and determining whether the additional information about the application program is consistent with the asserted identity of the application program.
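The check described in the abstract, as an added example that is not code from the patent: the server sends a probe that tests which objects the client application recognizes, then compares the report with the profile for the asserted identity. The identity strings, object names and the `KNOWN_PROFILES` table are constructed for illustration.

```javascript
// Constructed reference data (hypothetical identities and object names):
// which objects a genuine application with each identity recognizes.
const KNOWN_PROFILES = new Map([
  ["ExampleBrowser/1.0", { exampleStorage: true, exampleCodec: true, legacyPlugin: false }],
  ["OtherBrowser/2.0", { exampleStorage: true, exampleCodec: false, legacyPlugin: true }],
]);

// Server side: build the program that is transmitted to the client. It tests,
// for each name, whether the application recognizes an object of that name.
function buildProbe(objectNames) {
  return `const report = {};
    for (const name of ${JSON.stringify(objectNames)}) {
      report[name] = typeof globalScope[name] !== "undefined";
    }
    return report;`;
}

// Stand-in for the client device: run the received probe against the
// application's global scope (a plain object in this example).
function runProbeOnClient(probeSource, globalScope) {
  return new Function("globalScope", probeSource)(globalScope);
}

// Server side: compare the report with the profile of the asserted identity.
// Unknown identities and missing or non-boolean answers fail closed.
function verifyAssertedIdentity(assertedIdentity, report) {
  const profile = KNOWN_PROFILES.get(assertedIdentity);
  if (!profile) return { decision: "deny", mismatches: [], reason: "unknown identity" };
  const answers = report && typeof report === "object" ? report : {};
  const mismatches = Object.keys(profile).filter((name) => answers[name] !== profile[name]);
  const ok = mismatches.length === 0;
  return { decision: ok ? "grant" : "deny", mismatches, reason: ok ? "match" : "mismatch" };
}

// One request end to end: probe, collect, compare, decide.
function handleRequest(assertedIdentity, clientGlobalScope) {
  const profile = KNOWN_PROFILES.get(assertedIdentity) || {};
  const report = runProbeOnClient(buildProbe(Object.keys(profile)), clientGlobalScope);
  return verifyAssertedIdentity(assertedIdentity, report);
}

// Constructed clients: one genuine, one asserting an identity it does not have.
const genuineScope = { exampleStorage: {}, exampleCodec: () => {} };
const spoofedScope = { exampleStorage: {}, legacyPlugin: {} };
console.log(handleRequest("ExampleBrowser/1.0", genuineScope).decision);
console.log(handleRequest("ExampleBrowser/1.0", spoofedScope));
```

Because the report is produced on the client, a deployment would treat it as one signal among several rather than as proof of identity.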
19 Claims
1. A method, performed by at least one computer, the method comprising:
receiving a communication from an application program executing on a client device different from the at least one computer;
identifying from the communication an asserted identity of the application program;
determining whether the application program has the asserted identity at least in part by:
interacting with the client device to obtain additional information about at least one capability of the application program, the interacting comprising:
transmitting, via at least one network to the client device, a software program that, when executed by the client device, collects the additional information about the at least one capability of the application program at least in part by programmatically testing the application program to determine whether the application program is able to recognize an object; and
receiving, from the client device, the additional information about the at least one capability of the application program; and
determining whether the additional information about the at least one capability of the application program indicates that the application program is able to recognize the object, the determining comprising:
comparing the additional information about the at least one capability of the application program to information about one or more application programs having the asserted identity;
determining whether the application program has the asserted identity based at least in part on whether the application program is able to recognize the object;
granting the client device access to a resource responsive to determining that the application program has the asserted identity; and
denying the client device access to the resource responsive to determining that the application program does not have the asserted identity.
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A system, comprising:
at least one computer;
at least one non-transitory computer-readable storage medium storing processor-executable instructions that, when executed by the at least one computer, causes the at least one computer to perform:
receiving a communication from an application program executing on a client device different from the at least one computer;
identifying from the received communication an asserted identity of the application program;
determining whether the application program has the asserted identity at least in part by:
interacting with the client device to obtain additional information about at least one capability of the application program, the interacting comprising:
transmitting, via at least one network to the client device, a software program that, when executed by the client device, collects the additional information about the at least one capability of the application program at least in part by programmatically testing the application program to determine whether the application program is able to recognize an object; and
receiving, from the client device, the additional information about the at least one capability of the application program; and
determining whether the additional information about the at least one capability of the application program indicates that the application program is able to recognize the object, the determining comprising:
comparing the additional information about the at least one capability of the application program to information about one or more application programs having the asserted identity;
determining whether the application program has the asserted identity based at least in part on whether the application program is able to recognize the object;
granting the client device access to a resource responsive to determining that the application program has the asserted identity; and
denying the client device access to the resource responsive to determining that the application program does not have the asserted identity.
Dependent claims: 10, 11, 12, 13, 14.
15. At least one non-transitory computer-readable storage medium storing processor-executable instructions that, when executed by at least one computer, causes the at least one computer to perform:
receiving a communication from an application program executing on a client device different from the at least one computer;
identifying from the received communication an asserted identity of the application program; and
determining whether the application program has the asserted identity at least in part by:
interacting with the client device to obtain additional information about at least one capability of the application program, the interacting comprising:
transmitting, via at least one network to the client device, a software program that, when executed by the client device, collects the additional information about the at least one capability of the application program at least in part by programmatically testing the application program to determine whether the application program is able to recognize an object; and
receiving, from the client device, the additional information about the at least one capability of the application program; and
determining whether the additional information indicates that the application program is able to recognize the object, the determining comprising:
comparing the additional information about the at least one capability of the application program to information about one or more application programs having the asserted identity;
determining whether the application program has the asserted identity based at least in part on whether the application program is able to recognize the object;
granting the client device access to a resource responsive to determining that the application program has the asserted identity; and
denying the client device access to the resource responsive to determining that the application program does not have the asserted identity.
Dependent claims: 16, 17, 18, 19.
Specification