Methods and systems for addressing mobile communications devices that are lost or stolen but not yet reported as such
First Claim
Patent Images
1. A method comprising:
- by a security component on a first mobile communications device, causing the storage of a usage pattern associated with an authorized user of the first mobile communications device,the stored usage pattern created based only on usage information from use of a second mobile communications device by the authorized user of the first mobile communications device, the usage information from the second mobile communications device including two or more of;
network activity history, user activity history, call history, messaging history, movement history, and location history, andthe stored usage pattern modified, by a server, for use on the first mobile communications device based on differences between the first mobile communications device and the second mobile communications device;
detecting, by the security component on the first mobile communications device, a usage of the first mobile communications device;
comparing, by the security component, the detected usage to the stored usage pattern to determine if there is a difference between the detected usage and the stored usage pattern;
associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern;
determining, by the security component, that the detected usage was not caused by the authorized user of the first mobile communications device when the associated measure is beyond a threshold measure; and
in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the first mobile communications device to be used to access a resource.
10 Assignments
0 Petitions
Accused Products
Abstract
A method is provided for evaluating the usage of a mobile communications device that itself provides access to a resource. In the method, a detected usage of the mobile communications device is compared to a stored usage pattern of an authorized user. When a measure associated with the difference between the detected usage and the stored usage pattern exceeds a threshold, it is concluded that the mobile communications device is being used by an unauthorized user. In response to this conclusion, a restriction is placed on an ability of the mobile communications device to access the resource.
408 Citations
39 Claims
-
1. A method comprising:
-
by a security component on a first mobile communications device, causing the storage of a usage pattern associated with an authorized user of the first mobile communications device, the stored usage pattern created based only on usage information from use of a second mobile communications device by the authorized user of the first mobile communications device, the usage information from the second mobile communications device including two or more of;
network activity history, user activity history, call history, messaging history, movement history, and location history, andthe stored usage pattern modified, by a server, for use on the first mobile communications device based on differences between the first mobile communications device and the second mobile communications device; detecting, by the security component on the first mobile communications device, a usage of the first mobile communications device; comparing, by the security component, the detected usage to the stored usage pattern to determine if there is a difference between the detected usage and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern; determining, by the security component, that the detected usage was not caused by the authorized user of the first mobile communications device when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the first mobile communications device to be used to access a resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method comprising:
-
by a security component on a first mobile communications device, causing the storage of a usage pattern associated with an authorized user of the first mobile communications device, the stored usage pattern created based only on usage information from use of a second mobile communications device by the authorized user of the first mobile communications device, the usage information from the second mobile communications device including two or more of;
network activity history, user activity history, call history, messaging history, movement history, and location history, andthe stored usage pattern modified, by a server, for use on the first mobile communications device based on differences between the first mobile communications device and the second mobile communications device; detecting, by the security component on the first mobile communications device, an event related to the first mobile communications device; comparing, by the security component, the detected event to the stored usage pattern to determine if there is a difference between the detected event and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected event and the stored usage pattern; determining, by the security component, that the detected event was not caused by the authorized user of the first mobile communications device when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing a restriction of an ability of the first mobile communications device to be used to access a resource. - View Dependent Claims (33, 34, 35)
-
-
36. A method comprising:
-
by a security component on a first mobile communications device, causing the storage of a usage pattern associated with an authorized user of the first mobile communications device, the stored usage pattern created based only on usage information from use of a second mobile communications device by the authorized user of the first mobile communications device, the usage information from the second mobile communications device including two or more of;
network activity history, user activity history, call history, messaging history, movement history, and location history, andthe stored usage pattern modified, by a server, for use on the first mobile communications device based on differences between the first mobile communications device and the second mobile communications device; detecting, by the security component on the first mobile communications device, a usage of the first mobile communications device; comparing, by the security component, the detected usage to the stored usage pattern to determine if there is a difference between the detected usage and the stored usage pattern; associating, by the security component, a measure with the stored usage pattern when there is a difference between the detected usage and the stored usage pattern; determining, by the security component, that the detected usage was not caused by the authorized user of the first mobile communications device when the associated measure is beyond a threshold measure; and in response to the determination, issuing a command by the security component, the command causing the first mobile communications device to emit a sound encoded with information identifying the first mobile communications device, the encoded information decodable only by an electronic device. - View Dependent Claims (37, 38, 39)
-
Specification