Proactive Security for Mobile Devices

US 20110141276A1
Filed: 12/14/2009
Published: 06/16/2011
Est. Priority Date: 12/14/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, comprising:

on a server computer, transmitting a first security command to a mobile device in response to a security request from a requester;

receiving one or more security parameters from the mobile device in response to the first security command;

determining a security status of the mobile device based on the received one or more security parameters; and

providing the security status to the requester.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, program products, and systems for proactively securing mobile devices are described. A mobile device can proactively determine whether the mobile device is associated with a security risk and the level of the security risk. Upon determining a security risk, the mobile device can transmit coordinates of its current geographic location to a server. To protect privacy of authorized users, the transmission can be disabled by entering a password. If multiple failed password attempts are detected, the mobile device can proactively increase a security level of the device, and selectively protect files or other content stored on the mobile device. In some implementations, the mobile device can be transitioned into a surveillance mode where the mobile device records or captures information associated with one or more of user actions, ambient sound, images, a trajectory of the device, and transmits the recorded or captured information to the network resource.

223 Citations

46 Claims

1. A computer-implemented method, comprising:
- on a server computer, transmitting a first security command to a mobile device in response to a security request from a requester;
  
  receiving one or more security parameters from the mobile device in response to the first security command;
  
  determining a security status of the mobile device based on the received one or more security parameters; and
  
  providing the security status to the requester.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the security parameters includes coordinates of a geographical location of the mobile device.
  - 3. The method of claim 1, further comprising:
    - determining a security risk factor based on the security status; and
      
      sending to the mobile device a second security command based on the security risk factor and a data security scheme, the data security scheme including user preferences on responses corresponding to the security status and security risk factor.
  - 4. The method of claim 3, wherein the second security command is operable to deactivate user installed programs on the mobile device and scramble at least a portion of user data on the mobile device.
  - 5. The method of claim 3, wherein the second security command is operable to erase information related to the requester on the mobile device.
  - 6. The method of claim 3, further comprising:
    - receiving recorded activities from the mobile device, the activities recorded in response to the second security command.

7. A computer-implemented method executed by a mobile device, comprising:
- detecting a security event;
  
  evaluating a risk factor of the security event;
  
  performing at least one security act, including sending a security alert to a server, the security alert identifying a current security status of the mobile device and a description of the security event; and
  
  setting the mobile device to a secure mode of operation, including selectively protecting information from being accessed according to an information protection scheme and the risk factor.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 8. The method of claim 7, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under secure mode;
      
      creating at least one simulated password on the mobile device;
      
      receiving a login request, the login request including the simulated password;
      
      submitting location information of the mobile to the server; and
      
      disabling user applications of the mobile device.
  - 9. The method of claim 7, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode;
      
      recording user actions on the mobile device; and
      
      transmitting the recorded user actions to the server.
  - 10. The method of claim 9, wherein recording the user actions comprises recording a telephone call, including:
    - displaying a reminder that telephone number dialed and audio conversations will be recorded;
      
      recording a phone number dialed after the reminder has been displayed; and
      
      recording audio conversations of the telephone call.
  - 11. The method of claim 7, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode; and
      
      after displaying the security warning;
      
      capturing visual images using a digital camera of the mobile device; and
      
      transmitting the captured visual image to the server.
  - 12. The method of claim 7, where the security event includes receiving from a server a command requesting the mobile device to operate in secure mode.
  - 13. The method of claim 7, where the security act further comprises:
    - sending the security alert after a timeout period.
  - 14. The method of claim 7, where the security act further comprises:
    - sending the security alert after the mobile device is inactive for a predetermined period of time.
  - 15. The method of claim 7, where the security act further comprises:
    - sending the security alert after a battery level of the mobile drops below a threshold.
  - 16. The method of claim 7, where the security act further comprises:
    - display a security warning on the mobile device, the security warning including a current location of the mobile device and contact information of a user of the mobile device.
  - 17. The method of claim 7, where the security event includes a number of failed password attempts.
  - 18. The method of claim 7, where calculating the risk factor includes:
    - determining that a number of failed password attempts has exceeded a security threshold;
      
      determining that at least some of the attempted passwords in a password list; and
      
      determining the risk factor including evaluating a risk of security breach based on the number of password attempts or the passwords that are in the password list.

19. A system, comprising:
- one or more computers configured to perform operations comprising;
  
  transmitting a first security command to a mobile device in response to a security request from a requester;
  
  receiving one or more security parameters from the mobile device in response to the first security command;
  
  determining a security status of the mobile device based on the received one or more security parameters; and
  
  providing the security status to the requester.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The system of claim 19, wherein the security parameters includes coordinates of a geographical location of the mobile device.
  - 21. The system of claim 19, the operations further comprising:
    - determining a security risk factor based on the security status; and
      
      sending to the mobile device a second security command based on the security risk factor and a data security scheme, the data security scheme including user preferences on responses corresponding to the security status and security risk factor.
  - 22. The system of claim 21, wherein the second security command is operable to deactivate user installed programs on the mobile device and scramble at least a portion of user data on the mobile device.
  - 23. The system of claim 21, wherein the second security command is operable to erase information related to the requester on the mobile device.
  - 24. The system of claim 21, the operations further comprising:
    - receiving recorded activities from the mobile device, the activities recorded in response to the second security command.

25. A system comprising:
- a mobile device configured to perform operations comprising;
  
  detecting a security event;
  
  evaluating a risk factor of the security event;
  
  performing at least one security act, including sending a security alert to a server, the security alert identifying a current security status of the mobile device and a description of the security event; and
  
  setting the mobile device to a secure mode of operation, including selectively protecting information from being accessed according to an information protection scheme and the risk factor.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32)
- - 26. The system of claim 25, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under secure mode;
      
      creating at least one simulated password on the mobile device;
      
      receiving a login request, the login request including the simulated password;
      
      submitting location information of the mobile to the server; and
      
      disabling user applications of the mobile device.
  - 27. The system of claim 25, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode;
      
      recording user actions on the mobile device; and
      
      transmitting the recorded user actions to the server.
  - 28. The system of claim 27, wherein recording the user actions comprises recording a telephone call, including:
    - displaying a reminder that telephone number dialed and audio conversations will be recorded;
      
      recording a phone number dialed after the reminder has been displayed; and
      
      recording audio conversations of the telephone call.
  - 29. The system of claim 25, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode; and
      
      after displaying the security warning;
      
      capturing visual images using a digital camera of the mobile device; and
      
      transmitting the captured visual image to the server.
  - 30. The system of claim 25, where the security act further comprises:
    - display a security warning on the mobile device, the security warning including a current location of the mobile device and contact information of a user of the mobile device.
  - 31. The system of claim 25, where the security event includes a number of failed password attempts.
  - 32. The system of claim 25, where calculating the risk factor includes:
    - determining that a number of failed password attempts has exceeded a security threshold;
      
      determining that at least some of the attempted passwords in a password list; and
      
      determining the risk factor including evaluating a risk of security breach based on the number of password attempts or the passwords that are in the password list.

33. A computer program product tangibly stored on a storage device, operable to cause a computer to perform operations comprising:
- transmitting a first security command to a mobile device in response to a security request from a requester;
  
  receiving one or more security parameters from the mobile device in response to the first security command;
  
  determining a security status of the mobile device based on the received one or more security parameters; and
  
  providing the security status to the requester.
- View Dependent Claims (34, 35, 36, 37, 38)
- - 34. The computer program product of claim 33, wherein the security parameters includes coordinates of a geographical location of the mobile device.
  - 35. The computer program product of claim 33, the operations further comprising:
    - determining a security risk factor based on the security status; and
      
      sending to the mobile device a second security command based on the security risk factor and a data security scheme, the data security scheme including user preferences on responses corresponding to the security status and security risk factor.
  - 36. The computer program product of claim 35, wherein the second security command is operable to deactivate user installed programs on the mobile device and scramble at least a portion of user data on the mobile device.
  - 37. The computer program product of claim 35, wherein the second security command is operable to erase information related to the requester on the mobile device.
  - 38. The computer program product of claim 35, the operations further comprising:
    - receiving recorded activities from the mobile device, the activities recorded in response to the second security command.

39. A computer program product tangibly stored on a storage device, operable to cause a mobile device to perform operations comprising:
- detecting a security event;
  
  evaluating a risk factor of the security event;
  
  performing at least one security act, including sending a security alert to a server, the security alert identifying a current security status of the mobile device and a description of the security event; and
  
  setting the mobile device to a secure mode of operation, including selectively protecting information from being accessed according to an information protection scheme and the risk factor.
- View Dependent Claims (40, 41, 42, 43, 44, 45, 46)
- - 40. The computer program product of claim 39, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under secure mode;
      
      creating at least one simulated password on the mobile device;
      
      receiving a login request, the login request including the simulated password;
      
      submitting location information of the mobile to the server; and
      
      disabling user applications of the mobile device.
  - 41. The computer program product of claim 39, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode;
      
      recording user actions on the mobile device; and
      
      transmitting the recorded user actions to the server.
  - 42. The computer program product of claim 39, wherein recording the user actions comprises recording a telephone call, including:
    - displaying a reminder that telephone number dialed and audio conversations will be recorded;
      
      recording a phone number dialed after the reminder has been displayed; and
      
      recording audio conversations of the telephone call.
  - 43. The computer program product of claim 39, wherein performing the security act further includes:
    - displaying a security warning on the mobile device indicating the mobile device will be operating under security mode; and
      
      after displaying the security warning;
      
      capturing visual images using a digital camera of the mobile device; and
      
      transmitting the captured visual image to the server.
  - 44. The computer program product of claim 39, where the security act further comprises:
    - display a security warning on the mobile device, the security warning including a current location of the mobile device and contact information of a user of the mobile device.
  - 45. The computer program product of claim 39, where the security event includes a number of failed password attempts.
  - 46. The computer program product of claim 39, where calculating the risk factor includes:
    - determining that a number of failed password attempts has exceeded a security threshold;
      
      determining that at least some of the attempted passwords in a password list; and
      
      determining the risk factor including evaluating a risk of security breach based on the number of password attempts or the passwords that are in the password list.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Borghei, Hooman

Granted Patent

US 9,258,715 B2
Time in Patent Office

Days
Field of Search
US Class Current

348/143
CPC Class Codes

H04M 1/673   the user being required to ...

H04M 1/72403   with means for local suppor...

H04M 1/72457   according to geographic loc...

H04M 1/72463   to restrict the functionali...

H04M 1/724631   by limiting the access to t...

H04M 3/42221   Conversation recording syst...

H04W 12/08   Access security

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 4/14   Short messaging services, e...

Proactive Security for Mobile Devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

223 Citations

46 Claims

Specification

Use Cases

Quick Links

Others

Proactive Security for Mobile Devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

223 Citations

46 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others