Systems and methods for mitigating the unauthorized use of a device

US 9,916,481 B2
Filed: 08/13/2012
Issued: 03/13/2018
Est. Priority Date: 04/02/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

detecting that a security compromise event has occurred for a mobile device;

altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user, wherein;

altering the function of the mobile device includes denying access to data stored on the mobile device; and

detecting that the security compromise event has occurred includes receiving, by the mobile device, a command to alter the function of the mobile device;

transmitting, by the mobile device, a first code to a security authority in response to receiving the command to alter the function of the mobile device;

receiving, by the mobile device, a second code from the security authority;

comparing, by the mobile device, the first code and the second code to a predetermined security protocol; and

altering the function of the mobile device if the first code and the second code are in accordance with the security protocol;

wherein denying access to data stored on the mobile device includes one of;

concealing at least a portion of a file system for the mobile device; and

encrypting at least a portion of a file system for the mobile device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is directed to systems and methods for detecting the loss, theft or unauthorized use of a device and/or altering the functionality of the device in response. In one embodiment, a method includes detecting that a security compromise event has occurred for a mobile device. The method also includes altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user. Altering the function of the mobile device includes denying access to data stored on the mobile device.

149 Citations

37 Claims

1. A method comprising:
- detecting that a security compromise event has occurred for a mobile device;
  
  altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user, wherein;
  
  altering the function of the mobile device includes denying access to data stored on the mobile device; and
  
  detecting that the security compromise event has occurred includes receiving, by the mobile device, a command to alter the function of the mobile device;
  
  transmitting, by the mobile device, a first code to a security authority in response to receiving the command to alter the function of the mobile device;
  
  receiving, by the mobile device, a second code from the security authority;
  
  comparing, by the mobile device, the first code and the second code to a predetermined security protocol; and
  
  altering the function of the mobile device if the first code and the second code are in accordance with the security protocol;
  
  wherein denying access to data stored on the mobile device includes one of;
  
  concealing at least a portion of a file system for the mobile device; and
  
  encrypting at least a portion of a file system for the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method of claim 1, wherein the file system comprises any system that helps provide access to data in a memory for the mobile device, including at least one of a File Allocation Table (FAT) file system, a NTFS (New Technology File System), a mobile device operating system file interface, a Linux file system, and a MacOS file system.
  - 3. The method of claim 1, further comprising revealing the concealed portion of the file system upon receipt of a user authentication confirmation from the authorized user.
  - 4. The method of claim 1, further comprising decrypting the encrypted portion of the file system upon receipt of a user authentication confirmation from the authorized user.
  - 5. The method of claim 1, wherein altering the function of the mobile device further includes providing, to a security authority, one or more of data stored on the mobile device and any other information entered onto or received by the mobile device subsequent to the security compromise event.
  - 6. The method of claim 5, wherein the one or more of data stored on the mobile device and any other information entered onto or received by the mobile device subsequent to the security compromise event is provided to the security authority by a data backup service.
  - 7. The method of claim 1, wherein altering the function of the mobile device further includes one or more of:
    - preventing phone calls from being placed from the mobile device;
      
      restricting phone numbers that may be called from the mobile device to a predetermined list of numbers;
      
      requiring entry of a password before the mobile device may be used by a current user;
      
      shutting down the mobile device;
      
      commanding the mobile device to perform a destructive function that renders the mobile device at least partially inoperable;
      
      presenting one or more messages prompting a current user of the mobile device to contact a security authority to initiate return of the mobile device to the authorized user, the messages comprising at least one of a text message and an audio message;
      
      playing a pre-recorded message on a loudspeaker of the mobile device, wherein the pre-recorded message indicates the mobile device has been at least one of lost, stolen and subject to unauthorized use;
      
      playing through a loudspeaker of the mobile device a pre-recorded sound of a person screaming;
      
      playing DTMF (Dual-Tone Multi-Frequency) tones on a loudspeaker of the mobile device while the mobile device is in use; and
      
      allowing phone calls, text messages, or other communication to be initiated only to one or more predetermined numbers within a contact list on the mobile device; and
      
      combinations thereof.
  - 8. The method of claim 1, wherein detecting that the security compromise event has occurred for the mobile device further comprises at least one of tampering with the mobile device by an unauthorized user and entry of a number of non-matching passwords that exceeds a predetermined maximum password limit.
  - 9. The method of claim 7, wherein altering the function of the mobile device includes presenting one or more text messages prompting a current user of the mobile device to contact a security authority to initiate return of the mobile device to the authorized user, wherein the text messages include flash SMS text messages.
  - 10. The method of claim 7, wherein commanding the mobile device to perform the destructive function that renders the mobile device at least partially inoperable further comprises deleting the data stored on the mobile device.
  - 11. The method of claim 1, wherein detecting that the security compromise event has occurred includes determining that the mobile device has been disassociated from a companion device.
  - 12. The method of claim 11, further comprising locking and denying use of all functionality of the mobile device in response to the determination that the mobile device has been disassociated from the companion device.
  - 13. The method of claim 11 , further comprising notifying a security authority that the mobile device has been disassociated from the companion device.
  - 14. The method of claim 1, further comprising:
    - receiving, by the mobile device, a passcode; and
      
      altering the function of the mobile device if it is determined the passcode is valid.
  - 15. The method of claim 14, wherein the passcode is different from a second passcode required by the mobile device to access one or more functions of the mobile device.
  - 16. The method of claim 1, further comprising receiving, by the mobile device, an identifier for an entity transmitting the command to alter the function of the mobile device.
  - 17. The method of claim 16, wherein the entity comprises at least one of another mobile device, a computer, a security authority and a human operator.
  - 18. The method of claim 1, further comprising surreptitiously establishing a communication link with a security authority upon receipt of the command to alter the function of the mobile device.
  - 19. The method of claim 1, further comprising surreptitiously providing location information, such as GPS coordinates or cell identifier, of the mobile device to the security authority upon receipt of the command to alter the function of the mobile device.
  - 20. The method of claim 1, further comprising:
    - displaying, on a user interface for the mobile device, a web page from a predetermined security authority indicating that the mobile device has been determined to be at least one of lost, stolen and subject to unauthorized use; and
      
      providing a web-based form to solicit information to assist with returning the mobile device to the authorized user.
  - 21. The method of claim 1, further comprising providing on a display of the mobile device an indication to an unauthorized user that security software has been activated and one or more options pertaining to the activation of the security software may be selected.
  - 22. The method of claim 21, wherein the one or more options pertaining to the activation of the security software includes an option to deactivate the security software, which, when selected, provides an indication that the security software is deactivated even though the security software remains active.

23. A method comprising:
- detecting that a security compromise event has occurred for a mobile device; and
  
  altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user, wherein;
  
  altering the function of the mobile device includes denying access to data stored on the mobile device; and
  
  detecting that the security compromise event has occurred includes receiving, by the mobile device, a command to alter the function of the mobile device;
  
  transmitting, by the mobile device, a first code to a security authority in response to receiving the command to alter the function of the mobile device;
  
  receiving, by the mobile device, a second code from the security authority;
  
  comparing, by the mobile device, the first code and the second code to a predetermined security protocol; and
  
  altering the function of the mobile device if the first code and the second code are in accordance with the security protocol.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 24. The method of claim 23, further comprising revealing the concealed portion of the file system upon receipt of a user authentication confirmation from the authorized user.
  - 25. The method of claim 23, further comprising decrypting the encrypted portion of the file system upon receipt of a user authentication confirmation from the authorized user.
  - 26. The method of claim 23, wherein altering the function of the mobile device further includes providing, to a security authority, one or more of data stored on the mobile device and any other information entered onto or received by the mobile device subsequent to the security compromise event.
  - 27. The method of claim 26, wherein the one or more of data stored on the mobile device and any other information entered onto or received by the mobile device subsequent to the security compromise event is provided to the security authority by a data backup service.
  - 28. The method of claim 23, wherein altering the function of the mobile device further includes one or more of:
    - preventing phone calls from being placed from the mobile device;
      
      restricting phone numbers that may be called from the mobile device to a predetermined list of numbers;
      
      requiring entry of a password before the mobile device may be used by a current user;
      
      shutting down the mobile device;
      
      commanding the mobile device to perform a destructive function that renders the mobile device at least partially inoperable;
      
      presenting one or more messages prompting a current user of the mobile device to contact a security authority to initiate return of the mobile device to the authorized user, the messages comprising at least one of a text message and an audio message;
      
      playing a pre-recorded message on a loudspeaker of the mobile device, wherein the pre-recorded message indicates the mobile device has been at least one of lost, stolen and subject to unauthorized use;
      
      playing through a loudspeaker of the mobile device a pre-recorded sound of a person screaming;
      
      playing DTMF (Dual-Tone Multi-Frequency) tones on a loudspeaker of the mobile device while the mobile device is in use; and
      
      allowing phone calls, text messages, or other communication to be initiated only to one or more predetermined numbers within a contact list on the mobile device; and
      
      combinations thereof.
  - 29. The method of claim 23, wherein detecting that the security compromise event has occurred for the mobile device further comprises at least one of tampering with the mobile device by an unauthorized user and entry of a number of non-matching passwords that exceeds a predetermined maximum password limit.
  - 30. The method of claim 28, wherein altering the function of the mobile device includes presenting one or more text messages prompting a current user of the mobile device to contact a security authority to initiate return of the mobile device to the authorized user, wherein the text messages include flash SMS text messages.
  - 31. The method of claim 28, wherein commanding the mobile device to perform the destructive function that renders the mobile device at least partially inoperable further comprises deleting the data stored on the mobile device.
  - 32. The method of claim 23, wherein detecting that the security compromise event has occurred includes determining that the mobile device has been disassociated from a companion device.
  - 33. The method of claim 32, further comprising locking and denying use of all functionality of the mobile device in response to the determination that the mobile device has been disassociated from the companion device.
  - 34. The method of claim 32, further comprising notifying a security authority that the mobile device has been disassociated from the companion device.

35. A method comprising:
- detecting that a security compromise event has occurred for a mobile device;
  
  displaying, on a user interface for the mobile device, a web page from a predetermined security authority indicating that the mobile device has been determined to be at least one of lost, stolen and subject to unauthorized use;
  
  providing a web-based form to solicit information to assist with returning the mobile device to the authorized user;
  
  altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user, wherein altering the function of the mobile device includes denying access to data stored on the mobile device; and
  
  wherein denying access to data stored on the mobile device includes one of;
  
  concealing at least a portion of a file system for the mobile device; and
  
  encrypting at least a portion of a file system for the mobile device.

36. A method comprising:
- detecting that a security compromise event has occurred for a mobile device;
  
  providing on a display of the mobile device an indication to an unauthorized user that security software has been activated and one or more options pertaining to the activation of the security software may be selected;
  
  altering a function of the mobile device in response to the security compromise event to mitigate loss of control by an authorized user, wherein altering the function of the mobile device includes denying access to data stored on the mobile device; and
  
  wherein denying access to data stored on the mobile device includes one of;
  
  concealing at least a portion of a file system for the mobile device; and
  
  encrypting at least a portion of a file system for the mobile device.
- View Dependent Claims (37)
- - 37. The method of claim 36, wherein the one or more options pertaining to the activation of the security software includes an option to deactivate the security software, which, when selected, provides an indication that the security software is deactivated even though the security software remains active.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blancco Technology Group Ip Oy
Original Assignee
Inhance Technology
Inventors
Prendergast, Paul, Hannigan, Frank, Bermingham, Peter, Fitzgerald, William
Primary Examiner(s)
Tabor, Amare F

Application Number

US13/584,520
Publication Number

US 20130091564A1
Time in Patent Office

2,038 Days
Field of Search

726 17, 726 30, 455410, 455411, 455418
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 21/60   Protecting data

G06F 21/88   Detecting or preventing the...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/12   Applying verification of th...

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/082   using revocation of authori...

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 88/02   Terminal devices

Systems and methods for mitigating the unauthorized use of a device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

149 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for mitigating the unauthorized use of a device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

149 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links