Method for mitigating the unauthorized use of a device

US 9,031,536 B2
Filed: 04/02/2008
Issued: 05/12/2015
Est. Priority Date: 04/02/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing, by a mobile device, instructions regarding how to return the mobile device to an authorized user;

obtaining a theft notification record for the authorized user from a database maintained by a third-party security authority;

detecting, by the mobile device, that a security compromise event has occurred; and

altering the function of the mobile device in response to said security compromise event to mitigate loss of control by the authorized user by;

obtaining from the authorized user a first list of zero or more data elements stored within the mobile device to be deleted upon occurrence of the security compromise event, and upon occurrence of the security compromise event, deleting the first list data elements from in the mobile device;

obtaining from the authorized user a second list of zero or more data elements stored within the mobile device to be encrypted upon occurrence of the security compromise event, and upon occurrence of the security compromise event, encrypting, by the mobile device, the second list data elements in the mobile device with a password known by at least one of the security authority and the authorized user.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is directed to systems and methods for detecting the loss, theft or unauthorized use of a device and/or altering the functionality of the device in response. In one embodiment, a device monitors its use, its local environment, and/or its operating context to determine that the device is no longer within the control of an authorized user. The device may receive communications or generate an internal signal altering its functionality, such as instructing the device to enter a restricted use mode, a surveillance mode, to provide instructions to return the device and/or to prevent unauthorized use or unauthorized access to data. Additional embodiments also address methods and systems for gathering forensic data regarding an unauthorized user to assist in locating the unauthorized user and/or the device.

96 Citations

View as Search Results

39 Claims

1. A method comprising:
- providing, by a mobile device, instructions regarding how to return the mobile device to an authorized user;
  
  obtaining a theft notification record for the authorized user from a database maintained by a third-party security authority;
  
  detecting, by the mobile device, that a security compromise event has occurred; and
  
  altering the function of the mobile device in response to said security compromise event to mitigate loss of control by the authorized user by;
  
  obtaining from the authorized user a first list of zero or more data elements stored within the mobile device to be deleted upon occurrence of the security compromise event, and upon occurrence of the security compromise event, deleting the first list data elements from in the mobile device;
  
  obtaining from the authorized user a second list of zero or more data elements stored within the mobile device to be encrypted upon occurrence of the security compromise event, and upon occurrence of the security compromise event, encrypting, by the mobile device, the second list data elements in the mobile device with a password known by at least one of the security authority and the authorized user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39)
- - 2. The method as disclosed in claim 1, wherein the mobile device is selected from a group consisting of:
    - a laptop computer;
      
      a desktop computer;
      
      a mobile subscriber communication device;
      
      a mobile phone;
      
      a personal digital assistant (PDA);
      
      a data tablet;
      
      a digital camera;
      
      a video camera;
      
      a video game console;
      
      a media player;
      
      a USB key;
      
      a global positioning system (GPS); and
      
      combinations thereof.
  - 3. The method as disclosed in claim 1, wherein the security compromise event is selected from the group consisting of:
    - loss of control of the mobile device by the authorized user;
      
      theft of the mobile device;
      
      loss of knowledge as to the whereabouts of the mobile device;
      
      intrusion of an electronic threat including at least one of an electronic virus, an electronic worm, an electronic trojan horse;
      
      unauthorized access to private information in the mobile device; and
      
      use of the mobile device in a manner not authorized by a wireless service provider.
  - 4. The method as disclosed in claim 1, wherein altering the function of the mobile device further comprises presenting, by the mobile device, an automated message to a current user of the mobile device, wherein the automated message comprises at least one of a notification:
    - that the mobile device has been lost or stolen;
      
      that the user may press any button to initiate contact with the security authority;
      
      that a reward is offered for the prompt return of the mobile device; and
      
      providing instructions for return of the mobile device.
  - 5. The method as disclosed in claim 4, wherein the message includes at least one of an audio message, a textual message, and a video message.
  - 6. The method as disclosed in claim 4, wherein the message is presented while the current user is utilizing the mobile device to place a telephone call.
  - 7. The method as disclosed in claim 1, wherein altering the function of the mobile device further comprises sending a message to the authorized user, the message comprising information selected from the group consisting of:
    - a phone number called by the mobile device;
      
      a current operational status of the mobile device;
      
      a location of the mobile device;
      
      a statement that the mobile device has been removed from a predetermined location;
      
      a statement that the mobile device is in motion;
      
      a date and time stamp indicating when the device was first used after occurrence of the security event; and
      
      instructions to call the security authority to initiate a recovery process.
  - 8. The method as disclosed in claim 1, further comprising:
    - accessing the theft notification record for the authorized user; and
      
      contacting the authorized user by at least one of;
      
      a phone call placed to a phone number specified in the theft notification record, whereupon audio instructions are provided to the authorized user regarding how to contact the current user of the mobile device to recover the mobile device; and
      
      a text message sent electronically to an address specified in the theft notification record, whereupon textual instructions are provided to the authorized user regarding how to contact the current user of the mobile device to recover the mobile device; and
      
      a printed message sent by conventional mail to an address specified in the theft notification record, whereupon textual instructions are provided to the authorized user regarding how to contact the current user of the mobile device to recover the mobile device.
  - 9. The method as disclosed in claim 1, wherein altering the function of the mobile device further comprises:
    - obtaining a list of features to be restricted upon occurrence of the security event from the theft notification record; and
      
      inhibiting the functionality of features on the list.
  - 10. The method as disclosed in claim 1, wherein altering the function of the mobile device further comprises at least one of:
    - preventing phone calls from being placed from the mobile device;
      
      restricting phone numbers that may be called from the mobile device to a predetermined list of numbers;
      
      requiring entry of a password before the mobile device may be used by a current user;
      
      presenting a message to return the device;
      
      shutting down the mobile device;
      
      commanding the mobile device to perform a destructive function that renders the mobile device at least partially inoperable;
      
      presenting frequent messages prompting a current user of the mobile device to contact the security authority to initiate return of the mobile device to the authorized user, the messages comprising at least one of a text message or an audio message;
      
      playing DTMF tones on a loudspeaker of the mobile device while the mobile device is in use; and
      
      allowing phone calls to be initiated only to one or more predetermined numbers within a contact list on the mobile device.
  - 11. The method as disclosed in claim 10, wherein requiring entry of a password further comprises:
    - detecting entry of an invalid password; and
      
      introducing a delay before entry of another password may be attempted by the current user.
  - 12. The method as disclosed in claim 10, wherein the security compromise event includes the mobile device being reported stolen or lost by the authorized user, and wherein the mobile device is insured against loss or theft.
  - 13. The method as disclosed in claim 1 further comprising:
    - providing a display prompting a user for entry of a user id and password; and
      
      providing a selectable indicia that provides the instructions regarding how to return the mobile device, the instructions being provided without a user needing to enter a valid user id and password.
  - 14. The method as disclosed in claim 13 further comprising:
    - prompting the current user to enter identification information;
      
      receiving and storing the identification information on the mobile device;
      
      searching for a communications connection to the security authority; and
      
      transferring the stored identification information to the security authority.
  - 15. The method as disclosed in claim 1 further comprising:
    - locking a subscriber identity module to prevent unfettered use of the mobile device; and
      
      prompting a current user for entry of a personal unblocking code.
  - 16. The method as disclosed in claim 15 further comprising forwarding, by the security authority, a personal unblocking code to a predetermined address specified by the authorized user.
  - 17. The method as disclosed in claim 1, further comprising:
    - sensing a network address assigned to the mobile device;
      
      storing the sensed network address; and
      
      transmitting the sensed network address to the security authority.
  - 18. The method as disclosed in claim 1, further comprising:
    - sensing at least one wireless network address from one or more signals received by the mobile device;
      
      storing the sensed network address; and
      
      transmitting the sensed network address to the security authority.
  - 19. The method as disclosed in claim 1, further comprising:
    - sensing one or more wireless access point identifiers from one or more signals received by the mobile device;
      
      storing the wireless access point identifiers; and
      
      transmitting the sensed wireless access point identifiers to the security authority.
  - 20. The method as disclosed in claim 19, further comprising determining, based on the transmitted wireless access point identifiers, a location of the mobile device.
  - 21. The method as disclosed in claim 1, further comprising:
    - receiving, by the mobile device, a signal comprising geolocation information;
      
      obtaining the geolocation information from the received signal;
      
      storing the geolocation information on the mobile device; and
      
      transmitting the stored geolocation information to the security authority.
  - 22. The method as disclosed in claim 1, further comprising:
    - retrieving location information from the security authority;
      
      presenting the location information on a display including a map, the map indicating movement of the mobile device over time.
  - 23. The method as disclosed in claim 22, further comprising displaying indicia of time and date where each location information was obtained.
  - 24. The method as disclosed in claim 1, further comprising storing in the mobile device phone numbers called by the mobile device after occurrence of the security compromise event.
  - 25. The method as disclosed in claim 24, further comprising transmitting the stored phone numbers to the security authority.
  - 26. The method as disclosed in claim 1 further comprising:
    - logging into a remote access service by the security authority, wherein the remote access service is configured to communicate with the mobile device;
      
      activating an application programming interface in the mobile device to forward to the remote access service at least one of;
      
      a current status of the mobile device;
      
      a current location of the mobile device;
      
      an image taken by a camera in communication with the mobile device;
      
      a real-time video captured by a camera in communication with the mobile device;
      
      a list of keys pressed on the mobile device; and
      
      a list of services currently running on the mobile device.
  - 27. The method as disclosed in claim 26 further comprising:
    - transmitting a command to the mobile device to initiate a chat session; and
      
      providing an interface on the mobile device for enabling text-based interaction between the current user and at least one of the authorized user and the security authority.
  - 28. The method as disclosed in claim 1 further comprising:
    - initiating a wireless connection between the mobile device and at least one wireless transceiver; and
      
      relaying, through the at least one wireless transceiver, information regarding the current location of the mobile device to the security authority.
  - 29. The method as disclosed in claim 1 further comprising:
    - initiating a wireless connection between the mobile device and at least one wireless transceiver; and
      
      transmitting to the wireless transceiver a message indicating that a lost or stolen device is present within a signal range accessible by the transceiver.
  - 30. The method as disclosed in claim 1 further comprising:
    - initiating a wireless connection between the mobile device and at least one wireless transceiver;
      
      determining a signal strength for the wireless connection between the mobile device and the least one wireless transceiver;
      
      obtaining identifying indicia for the at least one wireless transceiver; and
      
      transmitting to a second wireless transceiver a message including the identifying indicia for the at least one wireless transceiver and the signal strength for the wireless connection between the mobile device and the least one wireless transceiver.
  - 31. The method as disclosed in claim 30 further comprising:
    - transmitting to the second wireless transceiver a message indicating that a mobile device within communication range of the second wireless transceiver has been reported lost or stolen.
  - 32. The method as disclosed in claim 1 further comprising:
    - initiating a wireless connection between the mobile device and at least one wireless transceiver;
      
      transmitting a message to the at least one wireless transceiver, the message including identifying indicia of the mobile device, and wherein the message includes at least one of the following;
      
      a request for response that includes the physical location of the at least one wireless transceiver;
      
      a request that a person in communication with the at least one wireless transceiver report that a lost or stolen device is within its communication range;
      
      a phone number for the authorized user;
      
      a phone number for the security authority; and
      
      a request to place a call to the security authority.
  - 33. The method as disclosed in claim 1 further comprising:
    - initiating a wireless connection between the mobile device and at least one wireless transceiver;
      
      transmitting a message to the at least one wireless transceiver, wherein the message requests that a response be provided that includes the physical location of the at least one wireless transceiver.
  - 34. The method as disclosed in claim 1 wherein altering the function of the mobile device further comprises modifying a display on the mobile device, wherein the display includes only information regarding return of the mobile device to at least one of the authorized user and the security authority.
  - 35. The method as disclosed in claim 34 further comprising restricting the features of the mobile device to operate only to assist with return of the mobile device to at least one of the security authority and the authorized user.
  - 36. The method as disclosed in claim 1 further comprising:
    - determining that the mobile device was insured against loss or theft; and
      
      automatically altering the function of the mobile device when the security authority specifies the mobile device was lost or stolen.
  - 37. The method as disclosed in claim 1 wherein altering the function of the mobile device is based on a command received from the security authority.
  - 38. The method as disclosed in claim 36 wherein altering the function further comprises at least one of:
    - disabling use of the mobile device;
      
      detecting attempted use of the mobile device; and
      
      tracking the location of the mobile device.
  - 39. The method as disclosed in claim 1, wherein altering the function of the mobile device in response to said security compromise event to mitigate loss of control by the authorized user further comprises:
    - establishing within the mobile device a specified location to store one or more sensitive data elements;
      
      upon detection of the security compromise event, executing a function selected from the group consisting of;
      
      encrypting one or more of the sensitive data elements with a password known to at least one of the authorized user and a security authority;
      
      deleting one or more of the sensitive data elements;
      
      multiply overwriting one or more of the sensitive data elements; and
      
      transmitting one or more of the sensitive data elements to an address specified by the authorized user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blancco Technology Group Ip Oy
Original Assignee
Inhance Technology
Inventors
Fitzgerald, William, Bermingham, Peter, Hannigan, Frank, Prendergast, Paul
Primary Examiner(s)
Patel, Nimesh

Application Number

US12/060,867
Publication Number

US 20090253408A1
Time in Patent Office

2,596 Days
Field of Search

726/4, 726/14, 726/17, 726/22, 713/152, 713/164, 713/166, 713/182, 455/411, 455/414.1
US Class Current

455/411
CPC Class Codes

G06F 21/316   by observing the pattern of...

G06F 21/55   Detecting local intrusion o...

G06F 21/88   Detecting or preventing the...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2111   Location-sensitive, e.g. ge...

H04M 1/72454   according to context-relate...

H04M 1/72457   according to geographic loc...

H04M 1/72463   to restrict the functionali...

H04M 1/724631   by limiting the access to t...

H04M 2242/30   Determination of the locati...

H04M 3/42178   by downloading data to subs...

H04W 12/082   using revocation of authori...

H04W 12/12   Detection or prevention of ...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/30   Security of mobile devices;...

H04W 12/63   Location-dependent; Proximi...

H04W 12/65   Environment-dependent, e.g....

H04W 88/02   Terminal devices

Method for mitigating the unauthorized use of a device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

96 Citations

39 Claims

Specification

Solutions

Use Cases

Quick Links

Method for mitigating the unauthorized use of a device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

96 Citations

39 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links