Abstract: The disclosed computer-implemented method for authenticating application points of entry to prevent unauthorized use of locked mobile applications may include (i) identifying one or more mobile applications having an access restriction and a group of application entry points associated with at least one mobile application function, (ii) intercepting a series of device inputs from a user for accessing the application entry points to bypass the access restriction for the mobile applications, (iii) requesting authentication credentials to bypass the access restriction from the application entry points, (iv) determining that the requested authentication credentials are invalid, and (v) performing a security action that protects against potentially malicious activity associated with unauthorized access to the mobile applications upon determining that the requested authentication credentials are invalid. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for proactive call spam/scam protection may include intercepting network traffic by the at least one processor employing a network extension feature of an operating system of a computing device. The method may additionally include capturing, by the at least one processor employing the network extension feature, a phone number in the network traffic. The method may also include comparing, by the at least one processor employing the network extension feature, the phone number to a plurality of entries in a spam/scam repository. The method may further include performing, by the at least one processor, a security action in response to the comparison. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: Routing server communications through a nearby mobile device. In some embodiments, the method may include establishing a direct communication channel between the first mobile device and the second mobile device, determining which of the first mobile device and the second mobile device is currently a more efficient mobile device that is able to communicate with a server device more efficiently, sending a first server query from the less efficient mobile device to the more efficient mobile device over the direct communication channel, forwarding the first server query from the more efficient mobile device to the server device over the Internet, receiving a first server response at the more efficient mobile device from the server device over the Internet, and forwarding the first server response from the more efficient mobile device to the less efficient mobile device over the direct communication channel.

Abstract: The disclosed computer-implemented method for enforcing secure shared access on computing devices by context pinning may include recording, on the computing device, one or more actions performed on one or more applications, determining, based on the recorded actions and applications, a context that defines permitted actions and applications for a guest user of the computing device, monitoring, based on the context, user activity on the computing device, detecting an activity that violates the context, and performing, in response to the detection, a security action. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for delegating endpoint security operations to a nearby computing device may include (i) receiving device state data from one or more computing devices, (ii) determining a device state reputation for each of the one or more computing devices based on the device state data, (iii) selecting a device from the one or more computing devices based on the device state reputation for each of the one or more computing devices, and (iv) in response to selecting the device, delegating one or more operations for a security action to the selected device. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for issuing proactive parental control alerts may include (i) monitoring, through a sensor of the computing device, sensor data indicating an emotional state of a child consuming media content through the computing device, (ii) detecting, through analyzing the sensor data, that the media content has triggered an adverse emotional state within the child, and (iii) performing a security action, in response to detecting that the media content has triggered the adverse emotional state within the child, by issuing an alert in connection with a parental control software system that controls access by the child to media content. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for enforcing age-based application constraints may include (1) receiving a selection of age-based use constraints to be associated with one or more applications installed on the computing device, (2) associating the age-based use constraints with the applications, (3) determining that a user attempting to access the applications does not meet the age-based use constraints, and (4) performing a security action that restricts user access to the applications when the user does not meet the age-based use constraints. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: An entity runs in background mode on a computing device and automatically determines when the current user is attempting to open an age-restricted app. The age of the user is automatically determined, e.g., by passively capturing a biometric image and estimating the user's age. A camera on the computing device can be used to take a picture of the user, and a facial image can be recognized in the picture by applying a facial recognition algorithm. The age of the user can be estimated based on the facial image, by applying an age estimation algorithm. The app is locked responsive to determining that the user's age does not meet a corresponding requirement. A communication can be transmitted to the primary user of the computing device, indicating that the current user of the device unsuccessfully attempted to open the app, optionally including a picture of the user.

Abstract: The disclosed computer-implemented method for preventing system level browser attacks through mobile applications may include (i) intercepting a message transmitted by a mobile application, wherein the message is based on data received by the mobile application, (ii) obtaining a universal resource locator (URL) from the message, (iii) obtaining reputation data using the URL, (iv) determining that the URL is for a malicious website based on the reputation data, and (v) in response to determining that the URL is for the malicious website, performing a security action to protect the computing device from system level browser attacks. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: A mobile computing device is infected by malware which blocks access to the infected device by an authorized user. A download and installation request is generated from another device and sent to a third-party service via the internet to allow a first instance of a mobile device security application to be downloaded and installed on the infected device. A second instance of the same mobile device security application is also downloaded and installed on a clean device, with the first and second instances of the mobile device security application being covered under a single license. An instruction is generated on the mobile device security application on the clean device and transmitted to the infected device. Based on the received instruction, the mobile device security app is initiated and at least one access setting is modified on the infected device to enable user access.

Abstract: Communications received by a computing device originating from communicating entities that are members of the same group(s) as a user are tracked. A corresponding unique identifier is maintained for each such communicating entity, and an associated security rating is configured. A security analysis is performed on content received by the computing device from these communicating entities. The security ratings associated with given communicating entities are adjusted, responsive to given security analyses of content received by the computing device from these associated communicating entities, where such an analysis identifies security concerns. Responsive to the security rating of a specific communicating entity exceeding a predefined threshold, one or more security actions are taken to prevent the user of the computing device from being exposed to communication from that communicating entity.

Abstract: The disclosed computer-implemented method for utilizing custom tagging to protect against phishing attacks from malicious applications may include (1) associating a tag with a source application such that the tag is displayed in a user interface generated by the source application (2) launching a target application sharing at least one common feature with the source application, (3) determining, upon launching the target application, whether a user interface generated by the target application is an attack by a malicious application potentially causing harm to the computing device based on a presence or absence of the tag in the user interface, and (4) performing a security action with respect to the target application to protect the computing device from the attack when the tag is determined be absent from the user interface generated by the target application. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for enforcing secure shared access on computing devices by content state pinning may include (1) receiving, from a user, a selection of a content view to be shared with an additional user from content displayed on a computing device by an application, (2) associating, by the computing device, a change event with the content view, (3) detecting, by the computing device, the change event in response to an action by the additional user to change the content view, and (4) performing, by the computing device, a security action to protect the computing device from potentially malicious activity associated with the action by the additional user to change the content view. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for protecting against outgoing calls to malicious phone numbers may include (1) intercepting, at a computing device, an attempt to initiate an outgoing phone call, (2) disabling, at the computing device and at least temporarily, the attempt, (3) querying a reputation server for a reputation of an outgoing phone number associated with the attempt, (4) receiving, at the computing device, reputation results from the reputation server, and (5) performing a security action comprising displaying, on a user display of the computing device and prior to enabling the attempt, at least a portion of the reputation results. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The disclosed computer-implemented method for preventing sensitive data sharing may include a computing device determining that a content item is to be shared with an application. The content idem may be intercepted before the content item is shared with the application. The data of the content item may be analyzed. In response to analyzing the data of the content item, a security action may be performed to protect the computing device from computer malware or prevent sharing of sensitive data of the computing device. Various other methods, systems, and computer-readable media are also disclosed.