METHODS AND SYSTEMS FOR ADDRESSING MOBILE COMMUNICATIONS DEVICES THAT ARE LOST OR STOLEN BUT NOT YET REPORTED AS SUCH
First Claim
Patent Images
1. A method comprising:
- detecting, by a security component on a mobile communications device, a usage of the mobile communications device;
comparing, by the security component, the detected usage to a stored usage pattern associated with an authorized user of the mobile communications device to determine if there is a difference between the detected usage and the stored usage pattern;
associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern;
determining, by the security component, that the detected usage was not caused by the authorized user when the associated measure is beyond a threshold measure; and
in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the mobile communications device to be used to access a resource.
10 Assignments
0 Petitions
Accused Products
Abstract
A method is provided for evaluating the usage of a mobile communications device that itself provides access to a resource. In the method, a detected usage of the mobile communications device is compared to a stored usage pattern of an authorized user. When a measure associated with the difference between the detected usage and the stored usage pattern exceeds a threshold, it is concluded that the mobile communications device is being used by an unauthorized user. In response to this conclusion, a restriction is placed on an ability of the mobile communications device to access the resource.
91 Citations
46 Claims
-
1. A method comprising:
-
detecting, by a security component on a mobile communications device, a usage of the mobile communications device; comparing, by the security component, the detected usage to a stored usage pattern associated with an authorized user of the mobile communications device to determine if there is a difference between the detected usage and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern; determining, by the security component, that the detected usage was not caused by the authorized user when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the mobile communications device to be used to access a resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method comprising:
-
detecting, by a security component on a mobile communications device, an event related to the mobile communications device; comparing, by the security component, the detected event to a stored usage pattern associated with an authorized user of the mobile communications device to determine if there is a difference between the detected event and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected event and the stored usage pattern; determining, by the security component, that the detected event was not caused by the authorized user when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the mobile communications device to be used to access a resource. - View Dependent Claims (40, 41, 42)
-
-
43. A method comprising:
-
detecting, by a security component on a mobile communications device, a usage of the mobile communications device; comparing, by the security component, the detected usage to a stored usage pattern associated with an authorized user of the mobile communications device to determine if there is a difference between the detected usage and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern; determining, by the security component, that the detected Usage was not caused by the authorized user when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing the mobile communications device to emit a sound encoded with information identifying the mobile communications device. - View Dependent Claims (44, 45, 46)
-
Specification