Abstract: Disclosed are system and methods for controlling access to content from a user application executing in an isolated environment on a user device. An exemplary method includes intercepting, by a security application, data relating to content in a graphical user interface of the user application using an accessibility application programming interface (API) exposed by an operating system of the user device, and generating a first template associated with the content based on the intercepted data. The template specifies a pattern of elements of the graphical user interface. The method further includes determining a category of the content based on a comparison of the first template with a plurality of previously generated templates; and controlling access to the content of the graphical user interface based on the determined category.

Abstract: Disclosed are systems and methods for selecting a data entry mechanism during application creation. An example method comprises: determining a plurality of activity states of an application during creation of the application, determining whether a data entry mechanism of the application is dependent on an activity state, determining security requirements corresponding to each of the plurality of activity states, selecting a data entry mechanism for each of the determined security requirements and activating a corresponding data entry mechanism during activation of each corresponding activity of the plurality of activity states.

Abstract: Disclosed are systems and methods for activating a data entry mechanism. An example method comprises detecting, by a hardware processor, an activity state of the application during execution on a user device, determining, by the hardware processor, security requirements, associated with the activity state, wherein the security requirements comprise properties for a data entry mechanism, activating, by the hardware processor, a data entry mechanism for receiving user input for the program, wherein the data entry mechanism is governed according to the properties of the security requirements, receiving user input from the user device from the data entry mechanism and displaying, by the hardware processor, a modified version of the user input, according to the properties of the security requirement.

Abstract: Disclosed are systems and methods for selecting secure data entry mechanism for software applications. An example method comprises: detecting, by a hardware processor, a data entry activity during execution of the program on a user device; determining, by the hardware processor, security requirements associated with the detected data entry activity; selecting a data entry mechanism for the program based on the security requirements, wherein selection of the data entry mechanism includes: selecting a data entry device, selecting an interface for transmission of data from the data entry device, selecting a method of storing the entered data, and selecting a method of displaying the entered data; and activating the selected data entry mechanism for receiving user input for the program.

Abstract: A method and system is provided for performing secure online banking transactions.

Abstract: Disclosed are systems and methods for controlling access to data of a user device using a security application that provides accessibility services. An exemplary method comprises: executing, on the user device, the security application and one or more user applications; intercepting, by an interception module of the security application using a plurality of accessibility API functions, data accessed by a user application being executed on the user device; determining, by a categorization module of the security application, a category of intercepted data; intercepting, by the interception module using the accessibility API functions, one or more events of user's interaction with a user interface of the user application; and determining, by an access control module of the security application, an access control policy that specifies and controls whether to allow a user's access to the intercepted data based on the category of intercepted data and types of intercepted events.

Abstract: Disclosed are systems, methods and computer program products for modifying a software distribution package. An example method includes receiving a software distribution package that including one or more compressed files and one or more digital signatures of the one or more compressed files. The method further includes determining to add modifications to the software distribution package. The method further includes writing the modifications into a commentary section of the software distribution package or into a free region between the one or more compressed files of the software distribution package without recalculating the digital signatures for the one or more compressed files included in the software distribution package.

Abstract: Disclosed are systems and methods for controlling access to data of a user device using a security application that provides accessibility services. An exemplary method comprises: executing, on the user device, the security application and one or more user applications; intercepting, by an interception module of the security application using a plurality of accessibility API functions, data accessed by a user application being executed on the user device; determining, by a categorization module of the security application, a category of intercepted data; intercepting, by the interception module using the accessibility API functions, one or more events of user's interaction with a user interface of the user application; and determining, by an access control module of the security application, an access control policy that specifies and controls whether to allow a user's access to the intercepted data based on the category of intercepted data and types of intercepted events.

Abstract: Disclosed are systems and methods for controlling access to data on mobile devices using an accessibility API for users with disabilities.

Abstract: Disclosed are systems and methods for selecting secure data entry mechanism for software applications. An example method comprises: detecting, by a hardware processor, a data entry activity during execution of the program on a user device; determining, by the hardware processor, security requirements associated with the detected data entry activity; selecting a data entry mechanism for the program based on the security requirements, wherein selection of the data entry mechanism includes: selecting a data entry device, selecting an interface for transmission of data from the data entry device, selecting a method of storing the entered data, and selecting a method of displaying the entered data; and activating the selected data entry mechanism for receiving user input for the program.

Abstract: Disclosed are systems and methods for selecting means for intercepting network transmissions. An exemplary method includes determining one or more rules associated with transmission of data by a device; determining one or more network transmission intercepting means that satisfy the one or more determined rules; selecting a network transmission intercepting means based on the determined one or more network transmission intercepting means; and causing transmissions by the device to be processed by the selected network transmission intercepting means.

Abstract: A method, system and computer program product for blocking access to restricted elements of application interface and covering the restricted elements by trusted interface elements. The system includes an analyzer module, a database of restricted elements and a blocking module. The analyzer module is configured to detect interface elements of an active application rendered on a computer or a mobile device. The analyzer module determines if an application interface element is restricted by comparing the application interface element against the known restricted interface elements from the database. If the restricted element is detected, the analyzer module sends the data about the restricted element to the blocking module. The blocking module covers the restricted interface element by a trusted interface element or by an image.

Abstract: Disclosed are systems and methods for selecting means for intercepting network transmissions. An example system includes a data collection module configured to determine one or more parameters of a network transmission and one or more parameters of a user device that receives the transmission; a data analysis module configured to determine characteristics of a plurality of network transmission intercepting means that provide different levels of security to intercepted network transmissions based on the determined transmission and user device parameters; a selection module configured to select out of the plurality of network transmission interception means one whose characteristics match to the parameters of the network transmission, parameters of the user device, and a required security level for the network transmission; and an installation module configured to install on the user device the selected network transmission interception means.

Abstract: Disclosed are systems and methods for selecting means for intercepting network transmissions. An example system includes a data collection module configured to determine one or more parameters of a network transmission and one or more parameters of a user device that receives the transmission; a data analysis module configured to determine characteristics of a plurality of network transmission intercepting means that provide different levels of security to intercepted network transmissions based on the determined transmission and user device parameters; a selection module configured to select out of the plurality of network transmission interception means one whose characteristics match to the parameters of the network transmission, parameters of the user device, and a required security level for the network transmission; and an installation module configured to install on the user device the selected network transmission interception means.

Abstract: A method, system and computer program product for blocking access to restricted elements of application interface and covering the restricted elements by trusted interface elements. The system includes an analyzer module, a database of restricted elements and a blocking module. The analyzer module is configured to detect interface elements of an active application rendered on a computer or a mobile device. The analyzer module determines if an application interface element is restricted by comparing the application interface element against the known restricted interface elements from the database. If the restricted element is detected, the analyzer module sends the data about the restricted element to the blocking module. The blocking module covers the restricted interface element by a trusted interface element or by an image.

Abstract: Disclose dare systems and method for determining category of trust of software applications. An example method includes monitoring a first application to detect an overlay of at least one interface element of the first application by at least one interface element of a second application; collecting information about the second application, wherein the information includes at least a danger status of the second application, wherein the danger status determines a danger caused by the second application to the first application; determining a category of trust of the second application based on an analysis of the collected information; and determining, based on the category of trust of the second application, whether to allow or prohibit overlay of the at least one interface element of the first application by the at least one interface element of the second application.

Abstract: Disclose dare systems and method for determining category of trust of software applications. An example method includes monitoring a first application to detect an overlay of at least one interface element of the first application by at least one interface element of a second application; collecting information about the second application, wherein the information includes at least a danger status of the second application, wherein the danger status determines a danger caused by the second application to the first application; determining a category of trust of the second application based on an analysis of the collected information; and determining, based on the category of trust of the second application, whether to allow or prohibit overlay of the at least one interface element of the first application by the at least one interface element of the second application.

Abstract: Disclosed are systems and methods for limiting the operation of trusted applications in presence of suspicious programs. An example method includes: identifying one or more trusted applications installed on a computer; collecting data about applications and programs installed on the computer; checking for the presence of one or more suspicious programs using suspicious program detection rules, wherein a program is considered to be suspicious when it can access protected information of a trusted application without authorization; and when at least one suspicious program is found, limiting the operation of the trusted application until the suspicious program is terminated or removed from the computer.

Abstract: Disclosed are systems, methods and computer program products for modifying a software distribution package. An example method includes receiving a software distribution package that including one or more compressed files and one or more digital signatures of the one or more compressed files. The method further includes determining to add modifications to the software distribution package. The method further includes writing the modifications into a commentary section of the software distribution package or into a free region between the one or more compressed files of the software distribution package without recalculating the digital signatures for the one or more compressed files included in the software distribution package.

Abstract: A method, system and computer program product for blocking access to restricted elements of application interface and covering the restricted elements by trusted interface elements. The system includes an analyzer module, a database of restricted elements and a blocking module. The analyzer module is configured to detect interface elements of an active application rendered on a computer or a mobile device. The analyzer module determines if an application interface element is restricted by comparing the application interface element against the known restricted interface elements from the database. If the restricted element is detected, the analyzer module sends the data about the restricted element to the blocking module. The blocking module covers the restricted interface element by a trusted interface element or by an image.