
Assessing application authenticity and performing an action in response to an evaluation result

  • US 10,256,979 B2
  • Filed: 12/13/2013
  • Issued: 04/09/2019
  • Est. Priority Date: 06/05/2012
  • Status: Active Grant
First Claim

1. A method, comprising:

  • receiving, by a server, over a communication network from a second computing device, a known signing identifier of a known source;

    storing, by the server, component data for at least one known component of the known source;

    receiving, by the server, from a first computing device, a first signing identifier for a first application to be installed on the first computing device, wherein a third computing device provides the first application for installation on the first computing device;

    receiving, by the server, from the third computing device, a first package identifier of the first application;

    in response to receiving the first signing identifier from the first computing device;

    challenging the known source to authenticate itself, the challenge comprising sending data to the second computing device to be signed with a private key, receiving the signed data from the second computing device, and confirming the signed data corresponds to the known signing identifier;

    in response to confirming the signed data corresponds to the known signing identifier;

    identifying a first plurality of applications other than the first application that are each signed with the known signing identifier, and identifying a second plurality of applications that are each similar to the first application and are each signed with a signing identifier that is different from the known signing identifier, wherein the identifying comprises making a comparison between a characteristic of the component data attributable to a component associated with the first package identifier and a characteristic that has been identified in the first application, and determining that each of the second plurality of applications uses the at least one known component of the known source; and

    evaluating, by the server, authenticity of the first application to provide a result, the evaluating comprising determining that the at least one known component is similar to at least one first component of the first application, the similarity based on comparing a structural characteristic of the at least one first component to the component data for the at least one known component, and determining that the first signing identifier is different from the known signing identifier, wherein the evaluating is further based on a plurality of inputs comprising a history of prior usage of the first signing identifier to sign a known bad application other than the first application; and

    in response to the result, sending, by the server, over the communication network, at least one electronic communication to the first computing device to block installation of the first application on the first computing device, and sending at least one communication to the second computing device regarding usage of the at least one known component in the first application, wherein the at least one communication further identifies the first plurality of applications and the second plurality of applications.
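The evaluation and reporting steps of the claim, sketched as an added example that is not taken from the patent or from any implementation by its assignee. The feature-set representation of a "structural characteristic", the containment threshold, the `review` outcome, and all names and sample data are assumptions; the private-key challenge is reduced to the `source_authenticated` flag.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class App:
    package_id: str
    signing_id: str        # identifier of the signing key/certificate
    features: frozenset    # structural characteristics extracted from its components

def contains_component(app, component, threshold=0.8):
    """True if enough of the known component's structural features appear in app.
    The containment ratio and threshold are assumptions; the claim names no metric."""
    return len(app.features & component) / len(component) >= threshold

def evaluate(first, known_sig, component, corpus, bad_signers, source_authenticated):
    """Server-side decision for `first`; meaningful only after the known source passed the challenge."""
    if not source_authenticated:
        return {"action": "no_result"}
    others = [a for a in corpus if a.package_id != first.package_id]
    # First plurality: other apps signed with the known signing identifier.
    same_signer = sorted(a.package_id for a in others if a.signing_id == known_sig)
    # Second plurality: other apps using the known component under a different signer.
    lookalikes = sorted(a.package_id for a in others
                        if a.signing_id != known_sig and contains_component(a, component))
    reused = contains_component(first, component) and first.signing_id != known_sig
    if not reused:
        action = "allow"
    elif first.signing_id in bad_signers:   # signer previously signed a known bad app
        action = "block"
    else:
        action = "review"                   # assumption: no bad history, so escalate only
    report = {"same_signer": same_signer, "lookalikes": lookalikes} if reused else None
    return {"action": action, "report_to_known_source": report}

# Constructed sample data (not from the patent).
COMPONENT = frozenset({"AuthClient.login", "AuthClient.refresh", "Vault.open", "Vault.seal"})
KNOWN = "sig:known-source"
CORPUS = [
    App("com.example.bank", KNOWN, COMPONENT | {"Ui.main"}),
    App("com.example.wallet", KNOWN, frozenset({"Wallet.pay"})),
    App("com.example.bank.free", "sig:repack-1", COMPONENT | {"Ads.show"}),
    App("org.sample.notes", "sig:indie", frozenset({"Notes.edit"})),
]
FIRST = App("com.example.bank.pro", "sig:repack-1", COMPONENT | {"Extra.module"})

def demo():
    return evaluate(FIRST, KNOWN, COMPONENT, CORPUS, {"sig:repack-1"}, True)

if __name__ == "__main__":
    print(demo())
```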

  • 8 Assignments