MOBILE DEVICE PERSISTENT SECURITY MECHANISM

US 20140373184A1
Filed: 06/12/2013
Published: 12/18/2014
Est. Priority Date: 06/12/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method of identifying a device reset of a mobile communications device comprising:

causing, by a security program on the mobile communications device, an identifier associated with the mobile communications device to be sent to a server;

using the security program, determining whether there has been the device reset; and

if there has been the device reset, causing, by the security program, the identifier and an indication that there has been the device reset to be sent to a server, wherein the security program is not erased during the device reset.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security application program provides features to help users recover their stolen mobile communication devices. The security application program may be pre-loaded into a system partition of the mobile device so that the security application program will not be erased during a wipe or factory reset of the mobile device. An owner registration service may be provided to help verify ownership of the mobile device.

101 Citations

View as Search Results

66 Claims

1. A method of identifying a device reset of a mobile communications device comprising:
- causing, by a security program on the mobile communications device, an identifier associated with the mobile communications device to be sent to a server;
  
  using the security program, determining whether there has been the device reset; and
  
  if there has been the device reset, causing, by the security program, the identifier and an indication that there has been the device reset to be sent to a server, wherein the security program is not erased during the device reset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 comprising:
    - preloading the security program onto the mobile communications device, the security program thereby being stored on the mobile communications device before the mobile communications device is provided to a user.
  - 3. The method of claim 1 wherein the security program receives a response sent by the server to the mobile communications device causing the security program to alert a user that the device has a registered owner.
  - 4. The method of claim 3 wherein the security program receives a response sent by the server to the mobile communications device causing the security program to alert the user that the registered owner has reported the device as stolen or missing.
  - 5. The method of claim 1 wherein the security program receives a response sent by the server to the mobile communications device causing the security program to lock the device.
  - 6. The method of claim 1 wherein the security program receives a response sent by the server to the mobile communications device causing the security program to locate the device.
  - 7. The method of claim 1 wherein the security program receives a response sent by the server to the mobile communications device causing the security program to send a plurality of device contextual information, wherein the contextual information comprises sensor readings, photographs, audio, video, or nearby WiFi base stations or cell towers from the device.
  - 8. The method of claim 1 wherein the identifier comprises an International Mobile Equipment Identity (IMEI) number, a Mobile Equipment Identifier (MEID) number, a WiFi Media Access Control (MAC) Address, a Bluetooth (BT) MAC Address, a central processing unit (CPU) serial number, a System on Chip (SoC) serial number, an Android iSerial, an Android ID, an Integrated Circuit Card Identifier (ICCID), a subscriber identity module (SIM) serial number, or a subscriber ID (MSI).
  - 9. The method of claim 1 wherein the identifier that is sent following the device reset is one that had been stored on the mobile communications device in a location that survived the device reset.

10. A method comprising:
- receiving at a server an identifier and an indication that there has been a device reset from a security program that has been preloaded onto a mobile communications device, the security program thereby being stored on the mobile communications device before the mobile communications device is provided to a user; and
  
  checking an ownership registry to determine if the mobile communications device has a registered owner.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 11. The method of claim 10 wherein the server sends a response to the security program on the mobile communications device causing the security program to alert the user that the device has a registered owner.
  - 12. The method of claim 10 wherein the server sends a response to the security program on the mobile communications device causing the security program to alert a current user that the registered owner has reported the device as stolen or missing.
  - 13. The method of claim 10 wherein the server sends a response to the security program on the mobile communications device causing the security program to lock the device.
  - 14. The method of claim 10 wherein the server sends a response to the security program on the mobile communications device causing the security program to locate the device.
  - 15. The method of claim 10 wherein the server sends a response to the security program on the mobile communications device causing the security program to send a plurality of device contextual information, wherein the contextual information comprises sensor readings, photographs, audio, video, or nearby WiFi base stations or cell towers from the device.
  - 16. The method of claim 10 wherein the server notifies the registered owner that the security program on the mobile communications device has communicated with the server.
  - 17. The method of claim 16 wherein the server notifies the registered owner the location of the device.
  - 18. The method of claim 16 wherein the server receives a request from the registered owner to send a response to the security program on the mobile communications device causing the security program to lock the device.
  - 19. The method of claim 16 wherein the server receives a request from the registered owner to send a response to the security program on the mobile communications device causing the security program to locate the device.
  - 20. The method of claim 16 wherein the server receives a request from the registered owner to send a response to the security program on the mobile communications device causing the security program to send a plurality of device contextual information, wherein the contextual information comprises sensor readings, photographs, audio, video, or nearby WiFi base stations or cell towers from the device.
  - 21. The method of claim 10 wherein the server sends a notification to a law enforcement agency that a mobile communications device that has been reported as missing or stolen has communicated with the server.
  - 22. The method of claim 21 wherein the server notifies the law enforcement agency of the location of the device.
  - 23. The method of claim 21 wherein the server receives a request from the law enforcement agency to send a response to the security program on the mobile communications device causing the security program to lock the device.
  - 24. The method of claim 21 wherein the server receives a request from the law enforcement agency to send a response to the security program on the mobile communications device causing the security program to locate the device.
  - 25. The method of claim 21 wherein the server receives a request from the law enforcement agency to send a response to the security program on the mobile communications device causing the security program to send a plurality of device contextual information, wherein the contextual information comprises sensor readings, photographs, audio, video, or nearby WiFi base stations or cell towers from the device.
  - 26. The method of claim 10 wherein the server sends a notification to carrier to which the mobile communications device is currently associated that the device has been reported as missing or stolen and has communicated with the server.

27. A method comprising:
- transmitting from a mobile communications device to a server a request to register a user of the mobile communications device as being an owner of the mobile communications device.

28. A method comprising:
- receiving at a registration server a request from a user of a mobile communications device to be registered as an owner of the mobile communications device.

29. A method comprising:
- transmitting from a mobile communications device to a server a request by an owner of the mobile communications device to transfer ownership of the mobile communications device.

30. A method comprising:
- receiving at a registration server a request by an owner of a mobile communications device to transfer ownership of the mobile communications device to a different user.

31. A method comprising:
- transmitting from a mobile communications device to a server a notice by a registered owner of the mobile communications device that the registered owner has sold the mobile communications device and should no longer be the registered owner.

32. A method comprising:
- receiving at a registration server a notice by a registered owner of a mobile communications device that the registered owner has sold the mobile communications device and should no longer be the registered owner.

33. A method comprising:
- causing, by an application program on a mobile communications device, a request to verify ownership of the mobile communications device to be sent to a server.
- View Dependent Claims (34, 35, 36, 37, 38, 39)
- - 34. The method of claim 33 wherein the request comprises a plurality of identifiers associated with the mobile communications device.
  - 35. The method of claim 33 wherein the request is sent the first time that the application program runs after installation on the mobile communications device.
  - 36. The method of claim 33 wherein the request is sent periodically from the application program.
  - 37. The method of claim 33 wherein the application program is preloaded on the mobile communications device, the application program thereby being stored on the mobile communications device before the mobile communications device is provided to a user.
  - 38. The method of claim 33 wherein the application program contains a security library or security component which sends the request.
  - 39. The method of claim 33 wherein the application program detects that there has been a wipe on first boot after a wipe and causes the request to be sent to the server.

40. A method comprising:
- providing a security program to a system builder for the system builder to install the security program in a first memory partition of a mobile communications device;
  
  registering a first user as being an owner or authorized user of the mobile communications device;
  
  intercepting, by the security program, an attempt to clear all user data stored in a second memory partition of the mobile communications device, different from the first memory partition;
  
  determining that the attempt was made by a second user who is not registered as the owner or authorized user of the mobile communications device; and
  
  upon the determination, generating an alert.
- View Dependent Claims (41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52)
- - 41. The method of claim 40 wherein the system builder comprises a device manufacturer.
  - 42. The method of claim 40 wherein the system builder comprises a carrier.
  - 43. The method of claim 40 wherein the first memory partition comprises an operating system of the mobile communications device.
  - 44. The method of claim 40 wherein the first memory partition is a system partition.
  - 45. The method of claim 40 comprising:
    - after the determining, blocking the attempt to clear all the user data; and
      
      displaying a warning message on an electronic screen of the mobile communications device.
  - 46. The method of claim 40 wherein the determining that the attempt was made by a second user who is not registered as the owner or authorized user of the mobile communications device comprises:
    - prompting the second user to supply authorization credentials to allow the clear of all user data stored in the second memory partition;
      
      receiving input of the authorization credentials from the second user;
      
      comparing the inputted authorization credentials to information provided during the registration; and
      
      determining that the inputted authorization credentials is different from the information provided during the registration.
  - 47. The method of claim 40 wherein the determining that the attempt was made by a second user who is not registered as the owner or authorized user of the mobile communications device comprises:
    - requesting permission from an enterprise administrator to allow the clear of all the user data; and
      
      receiving a denial of the request.
  - 48. The method of claim 40 wherein the alert comprises a silent alert, and the method comprises:
    - hiding all the user data stored in the second memory partition to give an appearance of all the user data being cleared.
  - 49. The method of claim 48 comprising:
    - entering a stolen mode; and
      
      while in the stolen mode, tracking a location of the mobile communications device.
  - 50. The method of claim 48 comprising:
    - entering a stolen mode; and
      
      while in the stolen mode, collecting context information associated with the second user of the mobile communications device.
  - 51. The method of claim 50 comprising:
    - transmitting the collected context information to a server.
  - 52. The method of claim 50 comprising:
    - providing the collected context information to at least one of the first user, a device administrator, or a pre-specified network destination.

53. A method comprising:
- detecting an attempt to clear all user data from the mobile communications device;
  
  determining that the attempt to clear all user data was made by a second user who is not registered as the owner or authorized user of the mobile communications device; and
  
  after the step of determining that the attempt to clear all user data was made by the second user, installing a security program on the mobile communications device.
- View Dependent Claims (54, 55)
- - 54. The method of claim 53 wherein the installing a security program comprises:
    - installing the security program in a system partition of the mobile communications device.
  - 55. The method of claim 53 comprising:
    - permitting the attempt to clear all user data from the mobile communications device, wherein the security program is installed in a system partition of the mobile communications device to prevent the security program from being deleted with the clearing of all user data from the mobile communications device.

56. A method comprising:
- storing a registry;
  
  registering in the registry a mobile communications device as having an owner;
  
  receiving from a communications provider of the mobile communications device a request to verify whether the mobile communications device has a registered owner;
  
  consulting the registry to verify whether the mobile communications device is registered;
  
  informing the communications provider of the registration; and
  
  based on the mobile communications device being registered, receiving location tracking information associated with the mobile communications device from the communications provider, wherein the request to verify whether the mobile communications device has a registered owner or authorized user is sent by the communications provider after the communications provider receives from the mobile communications device an indication that the mobile communications device has been reset to a factory setting.
- View Dependent Claims (57, 58)
- - 57. The method of claim 56 wherein the request comprises an International Mobile Equipment Identifier (IMEI) associated with the mobile communications device and the consulting the registry comprises:
    - searching the registry for an IMEI that matches the IMEI included in the request.
  - 58. The method of claim 56 wherein the owner is a first user and the method comprises:
    - registering in the registry the mobile communications device as having a new owner, the new owner being a second user, different from the first user; and
      
      notifying the first user that the second user is the new owner of the mobile communications device.

59. A method comprising:
- storing a registry;
  
  registering in the registry the mobile communications device as belonging to an owner;
  
  receiving a report indicating that the mobile communications device is missing;
  
  updating the registry to indicate that the mobile communications device is missing;
  
  receiving from an application program on the mobile communications device a request to verify ownership of the mobile communications device;
  
  consulting the registry to verify the ownership of the mobile communications device;
  
  upon consulting the registry, determining that the mobile communications device was reported missing; and
  
  based on the determination, generating an alert.
- View Dependent Claims (60, 61, 62)
- - 60. The method of claim 59 wherein the request is received after the mobile communications device has been reset to a factory setting.
  - 61. The method of claim 59 wherein the request is received after all user data on the mobile communications device has been cleared.
  - 62. The method of claim 59 wherein the request comprises an International Mobile Equipment Identifier (IMEI) associated with the mobile communications device and the consulting the registry comprises:
    - searching the registry for an IMEI that matches the IMEI included in the request.

63. A method comprising:
- sending from an application program on a mobile communications device a request to verify ownership of the mobile communications device to a server.
- View Dependent Claims (64, 65, 66)
- - 64. The method of claim 63 wherein the request comprises a plurality of identifiers associated with the mobile communications device.
  - 65. The method of claim 63 wherein the request is sent the first time that the application program runs after installation on the mobile device.
  - 66. The method of claim 63 wherein the request is sent periodically from the application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookout Incorporated
Original Assignee
Lookout Incorporated
Inventors
Mahaffey, Kevin Patrick, Buck, Brian James, Nandwani, Ankur Bharatbhushan, Gupte, Samir Vilas

Application Number

US13/916,484
Publication Number

US 20140373184A1
Time in Patent Office

Days
Field of Search
US Class Current

726/35
CPC Class Codes

G06F 21/88 Detecting or preventing the...

H04W 12/126 Anti-theft arrangements, e....

MOBILE DEVICE PERSISTENT SECURITY MECHANISM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

101 Citations

66 Claims

Specification

Use Cases

Quick Links

Others

MOBILE DEVICE PERSISTENT SECURITY MECHANISM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

101 Citations

66 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others