Method and system for evaluating security for an interactive service operation by a mobile device
First Claim
Patent Images
1. A method for evaluating security during an interactive service operation by a mobile communications device, the method comprising:
- identifying, by a security component on a mobile communications device, a launch of an interactive service configured to communicate with a server over a network during an interactive service operation, wherein the interactive service is associated with an entity and is configured to transmit data to and receive data from a target website purportedly associated with the entity;
verifying that the target website is an authentic website associated with the entity, wherein the verifying includes identifying a domain of the target website based on a uniform resource locator (URL) of the target website and includes determining that the domain of the target website is registered by the entity;
in response to the launch of the interactive service, generating, by the security component, a security evaluation of the interactive service based on a plurality of trust factors including;
a trust factor related to a current state of the mobile communications device, a trust factor related to a security feature of the interactive service, and a trust factor related to a security feature of the network; and
allowing, by the security component, the performance, by the mobile communications device, of the interactive service operation when a security measure from the security evaluation does not go beyond a threshold security measure.
7 Assignments
0 Petitions
Accused Products
Abstract
A method for evaluating security during an interactive service operation by a mobile communications device includes launching, by a mobile communications device, an interactive service configured to access a server over a network during an interactive service operation, and generating a security evaluation based on a plurality of trust factors related to a current state of the mobile communications device, to a security feature of the application, and/or to a security feature of the network. When the security evaluation is generated, an action is performed based on the security evaluation.
107 Citations
26 Claims
-
1. A method for evaluating security during an interactive service operation by a mobile communications device, the method comprising:
-
identifying, by a security component on a mobile communications device, a launch of an interactive service configured to communicate with a server over a network during an interactive service operation, wherein the interactive service is associated with an entity and is configured to transmit data to and receive data from a target website purportedly associated with the entity; verifying that the target website is an authentic website associated with the entity, wherein the verifying includes identifying a domain of the target website based on a uniform resource locator (URL) of the target website and includes determining that the domain of the target website is registered by the entity; in response to the launch of the interactive service, generating, by the security component, a security evaluation of the interactive service based on a plurality of trust factors including;
a trust factor related to a current state of the mobile communications device, a trust factor related to a security feature of the interactive service, and a trust factor related to a security feature of the network; andallowing, by the security component, the performance, by the mobile communications device, of the interactive service operation when a security measure from the security evaluation does not go beyond a threshold security measure. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for evaluating security during an interactive service operation by a mobile communications device, the method comprising:
-
identifying, by a mobile communications device, a launch of an interactive service configured to communicate with a server over a network during an interactive service operation, wherein the interactive service is associated with an entity and is configured to transmit data to and receive data from a target website purportedly associated with the entity; verifying that the target website is an authentic website associated with the entity, wherein the verifying includes identifying a domain of the target website based on a uniform resource locator (URL) of the target website and includes determining that the domain of the target website is registered by the entity; in response to the launch of the interactive service, determining, by the mobile communications device, a security score for the interactive service based on a plurality of trust factors including;
a trust factor related to a current state of the mobile communications device, a trust factor related to a security feature of the interactive service, and a trust factor related to a security feature of the network;generating a security evaluation for the interactive service based on the security score; and displaying, by the mobile communications device, the security evaluation for the interactive service and/or a contextual information overlay associated with the interactive service comprising a checklist that includes information regarding a current security status of the mobile communications device, a security status of the interactive service, and a security status of the network, wherein the security evaluation and/or the contextual information overlay is displayed while the user is using the interactive service.
-
-
22. A method for evaluating security during an interactive service operation by a mobile communications device, the method comprising:
-
receiving, by a server having a hardware processor and non-transient computer readable media, an indication from a mobile communications device that an interactive service on the mobile communications device is launched, wherein the interactive service is configured to communicate with another server over a network during an interactive service operation, and wherein the interactive service is associated with an entity and is configured to transmit data to and receive data from a target website purportedly associated with the entity; verifying that the target website is an authentic website associated with the entity, wherein the verifying includes identifying a domain of the target website based on a uniform resource locator (URL) of the target website and includes determining that the domain of the target website is registered by the entity; and in response to the indication of the launch of the interactive service, generating, by the server, a security evaluation of the interactive service based on a plurality of trust factors including;
a trust factor related to a current state of the mobile communications device, a trust factor related to a security feature of the interactive service, and a trust factor related to a security feature of the network. - View Dependent Claims (23, 24, 25, 26)
-
Specification