Patents by Inventor Brian James Buck

Brian James Buck has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20200334365
    Abstract: An operating system of a mobile device defines an interface for an MDM to ensure security of the device. A private personal MDM (PPMDM) instead interfaces with the operating systems and one or more enterprise MDMs (EMDM) implement security policies through the PPMDM subject to user control. Data may be flagged as associated with an EMDM based on source or location to enable deletion due to theft or disassociation with an enterprise. Blocks or threat detection according to an EMDM policy may be reported to an EMDM in a non-invasive manner.
    Type: Application
    Filed: February 25, 2020
    Publication date: October 22, 2020
    Inventors: Brian James Buck, Aaron David Cockerill
  • Publication number: 20200304503
    Abstract: An identity broker receives a request for access by a client device to a service provided by a server. In response to the request, the identity broker communicates with a client device to determine whether a security risk is associated with allowing the client device to access data of a service provider. If the client device is secure, the identity broker sends an authentication request to an identity provider. After the identity provider authenticates the client device, the identity broker passes the authentication to the server, which establishes a session with the client device to provide the service. The security state of the client continues to be monitored to determine whether access should continue to be permitted to data associated with a service provider.
    Type: Application
    Filed: June 5, 2020
    Publication date: September 24, 2020
    Inventors: Réda Zerrad, Dhruva Gopal, Sneha Sachidananda, Dayyan Yoon Lord, Varun Shimoga Prakash, Christopher Brandon Leach, Brian James Buck, Jeroen Martijn Wijdogen
  • Patent number: 10785230
    Abstract: An identity broker receives a request for access by a client device to a service provided by a server. In response to the request, the identity broker determines an identity of the client device using a client certificate. The identity broker also determines whether the client device is in a secure state. If the client device is secure, the identity broker sends an authentication request to an identity provider. After the identity provider authenticates the client device, the identity broker passes the authentication to the server, which establishes a session with the client device to provide the service.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: September 22, 2020
    Assignee: Lookout, Inc.
    Inventors: Réda Zerrad, Dhruva Gopal, Sneha Sachidananda, Dayyan Yoon Lord, Varun Shimoga Prakash, Christopher Brandon Leach, Brian James Buck
  • Publication number: 20200287934
    Abstract: Disclosed herein are techniques for detecting phishing websites. In one embodiment, a method is disclosed comprising receiving, at a server, a request for a webpage from a client device; generating, by the server, and inserting an encoded tracking value (ETV) into the webpage; inserting, by the server, dynamic tracking code (DTC) into the webpage, the inserting of the DTC further comprising obfuscating the DTC; and returning, by the server, the webpage including the ETV and DTC to the client device, the DTC configured to execute upon receipt at the client device and validate the ETV upon executing.
    Type: Application
    Filed: November 12, 2019
    Publication date: September 10, 2020
    Inventors: Jeremy Boyd Richards, Brian James Buck
  • Publication number: 20200285752
    Abstract: A method includes: after installation of software on a first mobile device, receiving new data from a second mobile device; analyzing, using a data repository, the new data to provide a security assessment; determining, based on the security assessment, a new security threat associated with the software; and in response to determining the new security threat, causing the first mobile device to implement a quarantine of the software.
    Type: Application
    Filed: March 7, 2019
    Publication date: September 10, 2020
    Inventors: Timothy Micheal Wyatt, William Neil Robinson, Brian James Buck, Alex Richard Gladd
  • Publication number: 20200285761
    Abstract: For increased device security, a security policy manager is used to configure permissions for applications installed on mobile computing devices. In one approach, an evaluation server receives data associated with a context for a computing device. Based on the received data, a policy that is applicable for the current context of the computing device is identified. The identified policy has rules regarding access permissions for software installed on computing devices. The server determines a current policy implemented on the computing device, which includes determining an access permission for software installed on the computing device. The server determines that the access permission for the installed software does not comply with the policy applicable to the current context. Based on this determination, the server revokes the access permission for the installed software.
    Type: Application
    Filed: March 7, 2019
    Publication date: September 10, 2020
    Inventors: Brian James Buck, Aaron Cockerill
  • Publication number: 20200287910
    Abstract: An identity broker receives a request for access by a client device to a service provided by a server. In response to the request, the identity broker determines an identity of the client device using a client certificate. The identity broker also determines whether the client device is in a secure state. If the client device is secure, the identity broker sends an authentication request to an identity provider. After the identity provider authenticates the client device, the identity broker passes the authentication to the server, which establishes a session with the client device to provide the service.
    Type: Application
    Filed: October 28, 2019
    Publication date: September 10, 2020
    Inventors: Réda Zerrad, Dhruva Gopal, Sneha Sachidananda, Dayyan Yoon Lord, Varun Shimoga Prakash, Christopher Brandon Leach, Brian James Buck
  • Publication number: 20200287793
    Abstract: Techniques for enterprise policy rehearsals, rollouts, and rollbacks are described herein. The techniques can include a server receiving data associated with computing devices. The server compares the received data to data stored in a data repository. The data in the data repository corresponds to risks identified based on information collected from different computing devices prior to receiving the data associated with the computing devices. A risk profile is generated by the server based on comparing the received data to the repository data for each of the computing devices. The server causes, based on the risk profile for each of the computing devices, one or more responsive actions (e.g., using the risk profiles to prioritize deployment of software to the computing devices).
    Type: Application
    Filed: March 7, 2019
    Publication date: September 10, 2020
    Inventors: Brian James Buck, Alex Richard Gladd, David Richardson
  • Publication number: 20200286015
    Abstract: Computer systems and methods to protect user credential against phishing with security measures applied based on determination of phishing risks of locations being visited, phishing susceptibility of users, roles of users, verification of senders of messages, and/or the timing of stages in accessing and interacting with the locations. For example, when a site is unclassified at the onset of being accessed by a user device, security measures can be selectively applied to allow the site to be initially viewed on the user device, but disallow some user interactions to reduce phishing risk. For example, a response to a domain name system (DNS) request can be customized based on a user risk level. For example, a message can be displayed without a profile picture of a contact of a user when the sender of the message appears to be the contact but cannot be verified to be the contact.
    Type: Application
    Filed: May 11, 2020
    Publication date: September 10, 2020
    Inventors: Jeremy Boyd Richards, Brian James Buck
  • Publication number: 20200287909
    Abstract: In response to a computing device of a user being reported as lost or stolen, various steps associated with security for the computing device are performed. In one approach, a database is marked to indicate that the computing device is lost or stolen. Applications that are installed on the lost or stolen computing device are determined, and a security action is selected based on this determination. In some cases, the selected security action reduces or denies service to the computing device, and/or blackholes traffic to or from the installed application. A service provider associated with the installed application is determined, and a notification is sent to the service provider. The notification indicates the installed application, and that the computing device of the user has been lost or stolen.
    Type: Application
    Filed: October 8, 2019
    Publication date: September 10, 2020
    Inventors: William Neil Robinson, Brian James Buck
  • Publication number: 20200287913
    Abstract: Techniques for providing domain name and URL visual verifications to increase security of operations on a device. The techniques include a visual indicator and/or warning to a user on the user's computing device that a domain or URL requested by the user and the device is unpopular, new, unknown, inauthentic, associated with malware or phishing, or in some other way, risky. The techniques include identifying a domain name in a communication received by a computing device and then determining a popularity ranking and/or an age of the domain name. The device can render, for display on a screen of the device, a visual indicator having the popularity ranking and/or the age of the domain name. Also, the techniques can include identifying a URL in a communication received by a computing device and then rendering, for display on a screen of the device, a visual indicator having the entire URL.
    Type: Application
    Filed: March 7, 2019
    Publication date: September 10, 2020
    Inventor: Brian James Buck
  • Publication number: 20200287935
    Abstract: Techniques for phishing protection using cloning detection are described herein. The techniques described herein can include a server which hosts a website detecting that a fetcher is a cloning toolkit or an entity known for using a cloning toolkit. The techniques can also include a server which hosts a downloadable application (such as a mobile application) detecting that a fetcher for the application is a cloning toolkit or an entity known for using a cloning toolkit. The detection can be done in several ways, such as by analyzing data logs for patterns associated with cloning toolkits or entities known for using cloning toolkits. The techniques described herein can also include a part of an end user device (such as a part of a mobile device) detecting a clone (such as a clone website or application) that was cloned by a cloning toolkit. Then, upon detection, security actions can be taken.
    Type: Application
    Filed: November 19, 2019
    Publication date: September 10, 2020
    Inventors: Jeremy Boyd Richards, Brian James Buck
  • Publication number: 20200287933
    Abstract: Techniques for DNS prefetching based on application or contextual triggers to increase security in prefetching. The techniques can include storing historical DNS information from sources of DNS information. The historical DNS information can include historical DNS requests and triggering events correlated to the historical DNS requests. The techniques can also include identifying, by a processor or one or more sensors, an occurrence of a triggering event. The techniques can also include, in response to identifying the occurrence of the triggering event, resolving one or more answers to one or more DNS requests correlated with the triggering event based on the stored historical DNS information. The techniques can also include storing the one or more answers for later use by requesters.
    Type: Application
    Filed: March 7, 2019
    Publication date: September 10, 2020
    Inventor: Brian James Buck
  • Publication number: 20200279263
    Abstract: A method for processing a payment transaction is provided that is based on device locations. The method includes a processor receiving a request to authorize an action from a point of sale (POS) device with the request including context representing a first location associated with the action and context representing information about an account associated with the action. In response to receiving additional context including a location associated with a user device from the user device, the processor compares the context representing the first location and the additional context to determine whether to authorize the action.
    Type: Application
    Filed: May 19, 2020
    Publication date: September 3, 2020
    Applicant: LOOKOUT, INC.
    Inventors: Kevin Patrick Mahaffey, Brian James Buck
  • Patent number: 10749877
    Abstract: In response to a computing device of a user being reported as lost or stolen, various steps associated with security for the computing device are performed. In one approach, a database is marked to indicate that the computing device is lost or stolen. Applications that are installed on the lost or stolen computing device are determined, and a security action is selected based on this determination. In some cases, the selected security action reduces or denies service to the computing device, and/or blackholes traffic to or from the installed application. A service provider associated with the installed application is determined, and a notification is sent to the service provider. The notification indicates the installed application, and that the computing device of the user has been lost or stolen.
    Type: Grant
    Filed: October 8, 2019
    Date of Patent: August 18, 2020
    Assignee: Lookout, Inc.
    Inventors: William Neil Robinson, Brian James Buck
  • Patent number: 10742676
    Abstract: Data is collected from a set of devices according to a data collection policy. The data is associated with device configuration, device state, or device behavior. A norm is established using the collected data. A different data collection policy is established based on the norm. Data is collected from a particular device according to the different data collection policy. The norm is compared to the data collected from the particular device. If there is a deviation outside of a threshold deviation between the norm and the data collected from the particular device, a message is transmitted to an administrator.
    Type: Grant
    Filed: August 23, 2018
    Date of Patent: August 11, 2020
    Assignee: LOOKOUT, INC.
    Inventors: Kevin Patrick Mahaffey, Timothy Micheal Wyatt, Brian James Buck, John Gunther Hering, Amit Gupta, Alex Cameron Abey
  • Patent number: 10699234
    Abstract: Computer systems and methods to protect user credential against phishing with security measures applied based on determination of phishing risks of locations being visited, phishing susceptibility of users, roles of users, verification of senders of messages, and/or the timing of stages in accessing and interacting with the locations. For example, when a site is unclassified at the onset of being accessed by a user device, security measures can be selectively applied to allow the site to be initially viewed on the user device, but disallow some user interactions to reduce phishing risk. For example, a response to a domain name system (DNS) request can be customized based on a user risk level. For example, a message can be displayed without a profile picture of a contact of a user when the sender of the message appears to be the contact but cannot be verified to be the contact.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: June 30, 2020
    Assignee: Lookout, Inc.
    Inventors: Jeremy Boyd Richards, Brian James Buck
  • Patent number: 10699273
    Abstract: A method for authorizing a mobile payment transaction is provided that is based on device locations. The method includes receiving, by a server, a request from a point of sale (POS) device to authorize a payment transaction involving a payment facilitating device. In an embodiment, the request includes payment information of the payment transaction and location information of the POS device. When the request is received, an authorizing client device for the payment transaction is identified based on the payment information from the payment facilitating device. The request to authorize the payment transaction is granted when it is determined that the authorizing client device is located within a predetermined distance from the POS device.
    Type: Grant
    Filed: November 7, 2017
    Date of Patent: June 30, 2020
    Assignee: LOOKOUT, INC.
    Inventors: Kevin Patrick Mahaffey, Brian James Buck
  • Publication number: 20200092104
    Abstract: A security code module is provided that a developer may include in an application. The application, when downloaded onto a mobile communications device, includes the security code module. The security code module then initiates a request to a server to determine the status of the mobile communications device. When the status indicates that the mobile communications device is not in the possession of the registered owner, a security component on the server performs an action in response.
    Type: Application
    Filed: November 15, 2019
    Publication date: March 19, 2020
    Applicant: LOOKOUT, INC.
    Inventors: Marc William Rogers, Brian James Buck
  • Publication number: 20200089869
    Abstract: For increased security, a source is determined for software to be installed on a computing device. In one approach, an application identifier is received from the computing device for an application to be installed. A source identifier of the application is determined. The application identifier and the source identifier are sent over a network to a server. A first state designation for the first application is received from the server. The first state designation represents a trusted state or an untrusted state. In response to receiving the first state designation, a second state designation is set. The second state designation is sent to the computing device.
    Type: Application
    Filed: November 21, 2019
    Publication date: March 19, 2020
    Inventors: David Richardson, Ahmed Mohamed Farrakha, William Neil Robinson, Brian James Buck