Browse Prior Art Database

System and Method for Discovering, Recovering, and Securing a Lost Mobile Device

IP.com Disclosure Number: IPCOM000145190D
Publication Date: 2007-Jan-10
Document File: 2 page(s) / 31K

Publishing Venue

The IP.com Prior Art Database

Abstract

Currently, it is a requirement of the device owner to contact IT when they discover they've lost their device. IT then can send "lock" and/or "kill" commands remotely to the device. This may take too long a period of time. Firstly, it takes a while before someone realizes they've lost a device, and secondly, it may take some time before IT instantiates the remote commands. Also, once "kill" command is sent to the device, a security violation message is displayed which may overwrite the owner information. The most often used technique by the owner at present is to call the device and hope an honest person has found their device and answers the call. In addition, a user that is not sure if (s)he has lost his/her handheld or forgotten it at home or office, does not report to IT immediately. This increases the chance that a possible attacker can access the data on the handheld before it is reported lost. A better and more prompt method is required, specifically for corporate users. There are two prime methods: 1) Device is autonomous and determines when it is lost; or 2) User realizes device may be lost and sends command(s) to the device. Within each method, sources of information on the device can be investigated remotely to assist in tracking down the device. Device snapshots can be recorded to build device "presence" data. Examples of such sources are: Date/time last used, light sensor reading, GPS device reading, accelerometer (if present) - immediately detect device dropped-can sound; later to detect if device is moving or not, temperature - whether device is outside, etc. A new power saving mode can be entered to preserve battery. 1) Autonomous - device sends message to owner/IT. In this variance, the device sends information based on criteria that signifies device is lost. Examples and/or combinations: accelerometer recorded a freefall condition; long period of sunlight or darkness via light sensor and extreme variance in temperature (device left outside); If device is picked up by someone with "locked" screen and > 5 invalid PWD entries, the device can prompt to "return to..." or "Call... "or "send an email to owner" with contact info. GPS location can also be included in the message. If device is picked up and device is not locked, navigation can be monitored to determine non-typical usaged: e.g. going through and opening most/all applications, > 5 existing messages have been opened, etc...then the device could lock itself. 2. User realizes device is lost and sends command(s). Examples: a) lock device (with preregistered long PIN code) b) lock only outgoing phone calls (PIN needed to unlock it) c) activate SIM card's PIN code (cannot be used in another phone) d) display "return to... Call...." when keys are pressed e) Power savings mode (low backlight, no notifications) f) activate Seamless Call Redirection (whatever number dialed, owner is called) g) query "presence" data

This text was extracted from a Microsoft Word document.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

mobile-device security

System and Method for Discovering, Recovering, and Securing a Lost

Mobile

Device

 Disclosed Anonymously

Currently, it is a requirement of the device owner to contact IT when they discover they've lost their device. IT then can send "lock" and/or "kill" commands remotely to the device. This may take too long a period of time. Firstly, it takes a while before someone realizes they've lost a device, and secondly, it may take some time before IT instantiates the remote commands. Also, once "kill" command is sent to the device, a security violation message is displayed which may overwrite the owner information. The most often used technique by the owner at present is to call the device and hope an honest person has found their device and answers the call. In addition, a user that is not sure if (s)he has lost his/her handheld or forgotten it at home or office, does not report to IT immediately. This increases the chance that a possible attacker can access the data on the handheld before it is reported lost. A better and more prompt method is required, specifically for corporate users.

There are two prime methods: 1) Device is autonomous and determines when it is lost; or 2) User realizes device may be lost and sends command(s) to the device. Within each method, sources of information on the device can be investigated remotely to assist in tracking down the device. Device snapshots can be recorded to build device "presence" data. Examples of such sources are: Date/time last u...